Re: [squid-users] Proxy authentication bypass

From: Henrik Nordstrom <[email protected]>
Date: Sat, 07 Oct 2006 09:04:48 +0200

fre 2006-10-06 klockan 18:38 -0500 skrev P. Alex. Salamanca R.:
> But, how to provide user and password in the cache_peer directive?

From the documentation (squid.conf.default):

                cache_peer hostname type http_port icp_port [options]
[...]
                     login=user:password | PASS | *:password
[...]
                     use 'login=user:password' if this is a personal/workgroup
                     proxy and your parent requires proxy authentication.
                     Note: The string can include URL escapes (i.e. %20 for
                     spaces). This also means % must be written as %%.

                     use 'login=PASS' to forward authentication to the peer.
                     Needed if the peer requires login.
                     Note: To combine this with local authentication the Basic
                     authentication scheme must be used, and both servers must
                     share the same user database as HTTP only allows for
                     a single login (one for proxy, one for origin server).

                     use 'login=*:password' to pass the username to the
                     upstream cache, but with a fixed password. This is meant
                     to be used when the peer is in another administrative
                     domain, but it is still needed to identify each user.
                     The star can optionally be followed by some extra
                     information which is added to the username. This can
                     be used to identify this proxy to the peer, similar to
                     the login=username:password option above.

Regards
Henrik

Received on Sat Oct 07 2006 - 01:04:55 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Nov 01 2006 - 12:00:04 MST