[squid-users] Squid auth methods that work without direct app support? Wrappers or "helper" apps for clients to auth to Squid?

From: Bucci, David G <david.g.bucci_at_lmco.com>
Date: Fri, 17 Sep 2010 13:45:20 -0400

Hi, all -- we have a situation where we would benefit (or are at least exploring) turning on authentication in Squid. But we have several apps that use HTTP (REST, basically) for their communication, and don't have built-in support for basic auth, Kerberos, etc.

So, a basic question. Is anyone aware of any approaches to leveraging proxy authentication with custom-coded applications in such situations? Are there any auth methods that can be configured to work from Windows clients "automagically", via built-in support at the network stack level, invisibly or independent of the custom application issuing the HTTP calls that are being proxied? Or, alternatively, are there "wrapper" approaches that can be used to enable proxy authentication for the apps?

The client and server environments are both Windows, btw. And we have flexibility to run Squid on the client as well as the servers, if it makes approaches possible (this indirectly relates to the chains a month ago about using Squid on both a client and server to create a poor-man's SSL VPN - which we ended up not doing, because of the instability of the SSL support in the Squid install from Acme, unfortunately, we instead leveraged Squid only on the server, and are sending proxy calls through Stunnel).

This might sound like an arcane situation (or maybe not, not sure) - but we're forced to secure 3rd party applications for which we aren't allowed to touch the code <sigh>.

Tia!

----
David G. Bucci

Chuck Norris can kick through all 6 degrees of separation,
hitting anyone, anywhere, in the face, at any time.
                                -- ChuckNorrisFacts.com
Received on Fri Sep 17 2010 - 17:45:37 MDT

This archive was generated by hypermail 2.2.0 : Mon Sep 20 2010 - 12:00:03 MDT