Re: [squid-users] No userid in access.log

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Sat, 05 Apr 2008 21:37:54 +0200

fre 2008-04-04 klockan 10:56 +0800 skrev CC Ngu:
> When I use Login=PASS in cache_peer option (i.e. pass the authentication
> to the parent), there is no userid information in the access.log, is it
> possible to show the userid in the local squid's access.log?

You need to tech Squid how to sniff the userid from the traffic in such
case. Actually not too hard, but some coding is needed. I would suggest
starting by using an external acl type for the purpose..

external_acl_type %{Proxy-Authenticate} /path/to/your/helper

and in your custom helper pars the Proxy-Authenticate headers and return
a suitable USER=xxx attribute on Squid when a username is seen.

This will work for the standard HTTP authentication schemes (i.e. Basic
and Digest), but will fail for the Microsoft hacked shemes (i.e.
NTLM/Negotiate/Kerberos) for the same reasons these are hard to proxy...

Regards
Henrik
Received on Sat Apr 05 2008 - 13:39:07 MDT

This archive was generated by hypermail 2.2.0 : Thu May 01 2008 - 12:00:04 MDT