Re: [squid-users] Configuring Squid to pass through HTTP authentication

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Wed, 24 Sep 2008 15:09:47 +1200 (NZST)

> Hi,
>
> I manage a Squid installation that acts as a proxy (but not cache) for
> a set of HTTP servers. I recently encountered a need to password
> protect a directory full of content using HTTP authentication
> (preferably digest, but open to basic if necessary). For various
> reasons, it's more convenient to perform the authentication on the
> proxied servers rather than in Squid. Is there a way to configure
> Squid to pass authentication headers through to the proxied servers?
> Right now, it's stripping authentication-related headers set by
> clients. I tried using the "cache deny" directive with a
> "urlpath_regex" ACL matching the protected directory, but it made no
> difference.
>
> Thanks.
>

For reverse proxies you add the option "login=PASS" (exact string) to
their cache_peer lines.

For regular proxies web authentication is always passed to the web
servers. or you may have some config stripping them explicitly.

Amos
Received on Wed Sep 24 2008 - 03:09:50 MDT

This archive was generated by hypermail 2.2.0 : Wed Sep 24 2008 - 12:00:03 MDT