Re: [squid-users] Share authenticated sessions between two Squid severs

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Sat, 27 Sep 2008 02:32:38 +1200

Pau Villarragut wrote:
> Hi,
>
> I want to build a cluster with two nodes of Squid Server. I have enable authentication to an Active Directory database via ntlm_auth.
>
> It's possible to share the user authenticated sessions between nodes??

Not that I ever heard of.

HTTP contains nothing such as a 'session'. So normal auth is sent on
every single request.

NTLM gets around that by authenticating not the request, but the TCP
link itself. You cannot have two servers and a client on the same link.

You can do NTLM auth on both squid though, and have the user
authenticate with whichever one its trying to use at the time.

keep-alive + persistent connections also come into play to keep a whole
series of requests from client to a single squid going down the same
authenticated link.

Amos

-- 
Please use Squid 2.7.STABLE4 or 3.0.STABLE9
Received on Fri Sep 26 2008 - 14:32:53 MDT

This archive was generated by hypermail 2.2.0 : Fri Sep 26 2008 - 12:00:03 MDT