Re: [squid-users] Solutions for transparent + proxy_auth?

From: Henrik Nordstrom <[email protected]>
Date: Thu, 23 Feb 2006 15:46:43 +0100

tis 2006-02-21 klockan 10:51 -0600 skrev Steve Brown:

> Yes there is a user/pass. Everyone is saying that the broswer
> shouldn't indiscriminately provide crednetials, which I agree with.
> However, in the setup I am proposing, the browser isn't submitting
> credentials. The traffic is intercepted by a local proxy, which does
> *not* have authentication and only responds to localhost traffic. The
> local proxy then queries the parent cache with the u/p provided by the
> login parameter in the cache_peer config option. So the
> authentication is there, it just doesn't require any user interaction.

This is entirely fine.

The relation between your Squid and the parent is not transparent
interception, and using cache_peer to specify the login to use in this
relation is perfectly fine. It's only in the relation your Squid <-> the
client where proxy authentication can not be used (including pass-thru
using login=PASS in the cache_peer line..)

Regards
Henrik

Received on Thu Feb 23 2006 - 07:46:51 MST

This archive was generated by hypermail pre-2.1.9 : Wed Mar 01 2006 - 12:00:04 MST