[squid-users] Accelerated Proxy with Proxy-Auth and Server-Auth

From: Mark Wallis <[email protected]>
Date: Mon, 24 Mar 2003 07:29:26 +1100

Hi Everyone,

I've done quite a bit of reading about squid authentication and the
accelerated proxy features but I still have one question in regards to a
setup I am currently configuring. I think it's currently impossible todo
what I want but I thought it best to check with the experts first.

I have a Squid server setup as an accelerated server for a single host (at
the moment). This squid server is the latest build of version 3.0 and is
configured todo Proxy auth via RADIUS (as this feature was only added in the
latest builds). All works fine - when a client access this machine it gets
asked for the radius logon, is authenticated and then the request to the web
server is processed.

The problem occurs when the application on the web server wants Basic
authentication also. It looks like the 401 code for authorisation makes it
back to the user okay with the different Realm but when the user sends their
details back Squid picks them up thinking they belong to it's authentication
....... it doesn't just pass them through to the web server. Hence since the
second authentication is a different user/pass to the first Squid fails the
authentication and denies the access.

Is this a known issue ? Is there anyway around this or just can't you use
Accel+Auth+ClientAuth currently.

Thanks for all your help.

Mark Wallis
mwallis@serialmonkey.com
Received on Sun Mar 23 2003 - 13:29:37 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:18 MST