Re: [squid-users] Users need to authenticate time and again (solved)

From: Christoph Haas <[email protected]>
Date: Mon, 1 Sep 2003 11:21:44 +0200

On Fri, Aug 29, 2003 at 05:31:40PM +0200, Henrik Nordstrom wrote:
> Enable log_mime_hdrs and pay attention to the Proxy-Authorization
> headers sent by the browser. This header contains BASE64 encoded
> login:password, and if it shows differences between a failed and a
> successful request when you think both should have worked then your
> browser is goofing up.

I solved the problem. The fault lay deep in the squid.conf. :)
Our cluster consisted of multiple nodes which use each other as
siblings. The one proxy node that caused our reauthentication problem
tried to use another node as a sibling, which - in turn - missed an ACL
to allow just these sibling accesses. Why this lead to a 407 instead of
an internal error is not clear to me.

The log files were very confusing. Henrik, is it possible to throw a
warning into the cache.log if the sibling access was denied? I don't
have any debug options on currently but think this would be important
enough to be written to the logs. Maybe I have even overlooked it
stupidly.

 Christoph

-- 
~
~
".signature" [Modified] 3 lines --100%--                3,41         All
Received on Mon Sep 01 2003 - 03:21:50 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:19:27 MST