[squid-users] Squid chaining auth

From: Romuald Guillou <[email protected]>
Date: Mon, 13 Dec 2004 14:54:52 +0100

Hello,
 
 
I have a central proxy BlueCoat and many peripheral squid proxies
 
the proxy chaining is the folowing:
 
Client->squid 2.4stable7->Bluecoat SG->internet
 
The bluecoat is authenticating users with Ldap and I 'm using a cookie to
authenticate users.
 
The trouble is that a first client authenticate, through a pop up, with user
name and password user1, he has privilege to surf internet. A second client,
user2, want to go internet sites, bluecoat returns the authentication popup,
the user click "cancel" then he can surf internet. In the logs we can see
user2 has authenticated with user1 credencials. in this case squid is not
passing the credentials of last user and not deny access.
 
Regards,
 

Romuald GUILLOU
Received on Mon Dec 13 2004 - 06:53:41 MST

This archive was generated by hypermail pre-2.1.9 : Sat Jan 01 2005 - 12:00:02 MST