Re: [squid-users] maybe I can use proxy_auth with interception if ....

From: Henrik Nordstrom <hno@dont-contact.us>
Date: 28 Feb 2003 16:58:08 +0100

fre 2003-02-28 klockan 15.33 skrev Lucas Brasilino:

> > b) The browser will request again for the password on each new web
> > site requested.
>
>
> I didn't realise this issue since squid shouldn't send "401 Unauthorized"
> to browser for each new web site, only in the first
> access attempt.

There is no such thing as a "login session" in HTTP, and if it was it
would certainly not span multiple web sites..

The only reason why you do not see a login box in each and every request
is because your web browser is smart and assumes that if login was
required for one request to the web site (or proxy in case of proxy
authentication) then it will also be required for the next request to
the same web site (or proxy in case of proxy authentication) and assumes
the same login+password should be used again there as well.

A typical chain of events for a web site requiring authentication:

< GET /
> 401 Unauthorized

< GET /, Authorize=login:password
> 200 OK

< GET /images/something.gif, Authorize=login:password
> 200 OK

And from this I think it is obvious that the browser has to ask again
before sending the same login:password to another web site..

Regards
Henrik

-- 
Henrik Nordstrom <hno@squid-cache.org>
MARA Systems AB, Sweden
Received on Fri Feb 28 2003 - 08:58:15 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:45 MST