Re: [squid-users] Logging user names

From: Peter Wood <woodp@dont-contact.us>
Date: Tue, 03 Jul 2001 10:03:22 +1000

Henrik Nordstrom <hno@hem.passagen.se> on Sat, 30 Jun 2001 10:49:43 +0200 wrote:
> Peter Wood wrote:
>
> > > This can theoretically be done by using log_mime_hdrs, and then
> > > postprocess the logs to extract the relevant HTTP header information,
> >
> > I tried this (It does produce a lot of extra data!!) but although I can see
> > users logging into, say, Hotmail (I'm seeing "EmailAddress=username") I can't
> > see any logins to our parent cache... What would they look like?
> > Would they be in a plain text format or encrypted in some way?
>
> Proxy-Authorization:
> followed by a base64 encoded string consisting of username:password.

Yes, got it. Very interesting. I now need to extract the authorization string, time info
and, say, web site visited out to another file (what application within Linux can do
this easily? Awk?).
Then run a program which decodes the base 64 (Even I can write that!). Hmmm. This sounds
quite possible. A bit clunky though.

> But I think the easiest path would be to hack the proxy to log the
> username even if not performing logins.
How does one 'hack the proxy'? Does this involve getting down into the 'C' code of Squid
itself ?

regards,

Peter
Received on Mon Jul 02 2001 - 18:03:28 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:00:58 MST