Henrik Nordstrom <hno@hem.passagen.se> on Sat, 30 Jun 2001 10:49:43 +0200 wrote:
> Peter Wood wrote:
>
> > > This can theoretically be done by using log_mime_hdrs, and then
> > > postprocess the logs to extract the relevant HTTP header information,
> >
> > I tried this (It does produce a lot of extra data!!) but although I can see
> > users logging into, say, Hotmail (I'm seeing "EmailAddress=username") I can't
> > see any logins to our parent cache... What would they look like?
> > Would they be in a plain text format or encrypted in some way?
>
> Proxy-Authorization:
> followed by a base64 encoded string consisting of username:password.
Yes, got it. Very interesting. I now need to extract the authorization string, time info
and, say, web site visited out to another file (what application within Linux can do
this easily? Awk?).
Then run a program which decodes the base 64 (Even I can write that!). Hmmm. This sounds
quite possible. A bit clunky though.
> But I think the easiest path would be to hack the proxy to log the
> username even if not performing logins.
How does one 'hack the proxy'? Does this involve getting down into the 'C' code of Squid
itself ?
regards,
Peter
Received on Mon Jul 02 2001 - 18:03:28 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:00:58 MST