Re: [squid-users] username and password in TRANSPARENT mode

From: Neil A. Hillard <[email protected]>
Date: Mon, 06 Aug 2007 10:24:03 +0100

Hi,

Adrian Chadd wrote:
> On Mon, Aug 06, 2007, Indunil Jayasooriya wrote:
>> I am runing squid with nsca_ath feature.
>> I have configured client browser to use squid proxy server with ip
>> address and port 3128. All work fine.
>>
>> Then, I configured SQUID in TRANSPARENT mode. Then, I lost the user
>> name and password feature. Is it NORMAL in TRANSPARENT mode?
>>
>> This happened in SQUID 2.5.
>
> I don't know why this isn't better documented, alas. No, transparent
> interception doesn't function with proxy authentication. Its a shortcoming
> of the HTTP RFC spec. I hear rumours about commercial products supporting
> cookie-type hacks to do authentication but I've never seen it live.
>
> Use WPAD+proxy.pac to autodiscover proxy services for a LAN.

It's documented in the FAQ (hence my previous reply)!

I can't see how it's a shortcoming of the protocol. If the browser
isn't aware that there is a proxy then why would it (why should it) try
to authenticate to one? Tell it that a proxy exists and it's more than
happy to authenticate.

Interception is less than ideal.

                                Neil.

-- 
Neil Hillard                    neil.hillard@agustawestland.com
AgustaWestland                  http://www.whl.co.uk/
Disclaimer: This message does not necessarily reflect the
            views of Westland Helicopters Ltd.
Received on Mon Aug 06 2007 - 03:24:08 MDT

This archive was generated by hypermail pre-2.1.9 : Sat Sep 01 2007 - 12:00:03 MDT