Re: [squid-users] deny_info page with passing login

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Fri, 29 Apr 2011 19:57:21 +1200

On 29/04/11 19:28, Rafal Zawierta wrote:
>>> Or maybe (it will simplify all) - is it some method to get %LOGIN from
>>> headers sent by browser (as it was said before - I use
>>> squid_kerb_auth). In such case I don't need to pass anything special
>>> with deny_info.
>>
>> Yes that is the better way to do all this. You wont be passing username
>> un-encrypted.
>>
>> Just generate the error page using a background auth check in the page
>> script to lookup the username from the Proxy-Authentication header received.
>> You could even use squid_kerb_auth to do the sub-check, all it does for
>> Squid is take a copy of the header line and pass back the username on
>> success and error message fail.
>
> Hmm...
> So for example user is redirected via deny_info to
> http://mydenyserver.com/index.php
>
> And my page in php will exec squid_kerb_auth to receive username? You
> mean something like this?
>

Yes, exactly that.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.12
   Beta testers wanted for 3.2.0.7 and 3.1.12.1
Received on Fri Apr 29 2011 - 07:57:26 MDT

This archive was generated by hypermail 2.2.0 : Fri Apr 29 2011 - 12:00:05 MDT