Re: Remote Authentication

From: Arjan de Vet <[email protected]>
Date: Thu, 22 May 1997 08:40:45 +0200 (MET DST)

David Richards:

> This is pretty important so a prompt reply would be greatly
>appreciated.
>
> I have a function written that will authenticate against a remote
>authentication system. This is an "in house" system. I pass to this
>function the username, password and the client's ip address (the browser,
>not the proxy ).
>
> The syntax is:
>
> Auth( char *username, char *password, char *ip )
>
>What do I need to do to client_side.c to make this work?? I am using the
>acl + proxy auth patch written by Arjan de Vet, I am trying to change
>squid v1.1.10

Because it's a remote authentication system it is not as simple as
replacing one function call with your Auth function. The problem is that
your Auth function will wait for a reply from the network (I think) during
which Squid just blocks. It could be solved by using external processes
like dnsserver but I'm trying first to implement the functionality in
Squid itself.

What we need are two functions:

- One that sends a request and records some data about the request;

- One that handles the answer to a request, using the recorded data.

The send function will send a request through a socket and then Squid is
instructed to call the handler as soons as data is being received on that
socket. During that time Squid can handle other things.

Furthermore I think that you need to cache usercode/password combinations
because an auth lookup for each request decreases response time too much.
There is already some password caching but timeouts need to be implemented
in another way (now the entries timeout as soon as the passwd file
changes, if I remember correctly).

Arjan
Received on Wed May 21 1997 - 23:58:51 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:35:14 MST