Re: [squid-users] About Transparency Proxy and the External Authentication Programming.

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Tue, 16 Oct 2001 22:48:54 +0200

For security reasons browsers wont accept any attempts in proxy
authentication unless they are configured to use a proxy.

How can you expect to log in to something you are not knowing you are
using, or able to positively identify what it is? For all what the
browser knows it is talking directly to the origin site with no proxy
inbetween. You could ask the browser for user credentials to log into
the site, but this obviously collides with real logins to the site, and
is also quite awkward to use as you then have to login again on each and
every site visited. Makes sense in accelerators, but nor proxies.

Regards
Henrik Nordström
Squid Hacker

hgreen wrote:
>
> hi all,
> From http://squid.visolve.com/squid24s1/access_controls.htm#acl , they say:
> ------------------
> proxy_auth can't be used in a transparent proxy. It collides with any authentication done by origin servers. It may seem like it works at first, but it doesn't. When a Proxy-Authentication header is sent but it is not needed during ACL checking the username is NOT logged in access.log.
> ------------------
> So ,who can tell me, Does this is true?
>
> regards
> hgreen
> ------------------------
> I Love This World!
> ------------------------
Received on Tue Oct 16 2001 - 14:48:15 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:47 MST