I finaly found some time to set this up, but still have some questions:
On the internet outlook.company.com points to my squid server.
On my intranet outlook.company.net points to my (intranet) web server.
squid.conf
http_port 80
httpd_accel_host outlook.company.net
------
This works allright.
------
Next step is to make the login to the outlook.company.net server
automatically
(I have created ,lets say, a postmaster with password passmaster for this)
If I enter from the internet:
http://postmaster:passmaster@outlook.company.com/ I can see that I am
authenticated.
So I followed you advise and added in squid.conf
squid.conf
cache_peer outlook.company.net sibling 80 7 login=postmaster:passmaster
cache_peer_domain outlook.company.net outlook.company.net
--------
This does not work :-(
--------
I also tried to enter:
squid.conf
cache_peer IP sibling 80 7 login=postmaster:passmaster
cache_peer_domain IP outlook.company.net
------
Does not work either :-(
------
What am I doing wrong?
>
> >From the current (Squid-HEAD) cache_peer documentation:
>
> use 'login=user:password' if this is a personal/workgroup
> proxy and your parent requires proxy authentication.
> Note: The string can include URL escapes (i.e. %20 for
> spaces). This also means that % must be written as %%.
>
> use 'login=PASS' if users must authenticate against
> the upstream proxy. Note: To combine this with
> proxy_auth both proxies must share the same user
> database as HTTP only allows for one proxy login.
> Also be warned that this will expose your users proxy
> password to the parent. USE WITH CAUTION
>
> use 'login=*:password' to pass the username to the
> upstream cache, but with a fixed password. This is meant
> to be used when the peer is in another administrative
> domain, but it is still needed to identify each user.
> The star can optionally be followed by some extra
> information which is added to the username. This can
> be used to identify this proxy to the peer, similar to
> the login=username:password option above.
>
>
> > Logon to the server using a static (secret) usename+password.
>
> Which can be done by the login= cache_peer option if the server is
> defined as a cache peer, or if not defined as a cache_peer by a
> redirector by adding the login information to the URL
> (http://login:password@host/...).
>
> With the cache_peer approach you also have the options discussed above
> in preserving all or part of the login information.
Received on Wed Jul 04 2001 - 07:13:56 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:00 MST