On Wed, 2003-03-05 at 15:50, Henrik Nordstrom wrote:
> On Wednesday 05 March 2003 23.18, Craig Kelley wrote:
>
> > I would rather just have
> > squid do the basic authentication, but from what I understand it
> > cannot reliably do this when in httpd_accel mode (?).
>
> Sure you can. Just add the following line at the top of acl.c and
> rebuild Squid:
>
> #define AUTH_ON_ACCELERATION 1
>
> The reason to this define is that you cannot use authentication in
> transparent proxies and to Squid-2.X transparent proxies is
> "accelerators for all web servers", but there is no problem using
> authentication in real accelerators, it is only that it is slightly
> hidden to make sure people who runs transparent proxies does not
> think this can be done there, as it can't.
>
> This capability will be a lot more visible in Squid-3 as both the
> accelerator and transparent proxy modes of Squid has been reworked a
> bit and there no longer is a conflict between acceleration and
> transparent proxying, allowing authentication to always be available
> to accelerators without risking confusion in transparent proxy
> setups.
When I attempt to set this up, I get no caching. From my store.log I
see these entries:
1050944461.780 RELEASE -1 FFFFFFFF A517A3F93DAA31ADBE34FBD0D31BBFD3 200
1050944461 1050942166 -1 text/plain 25600/25600 GET
http://ibncache/test2.dat
Which, if I'm interpreting this correctly, means that it is successfully
parsing the Last-Modified header, but the "Expires" (reply->expires)
entry in the cache is set to "-1" for some reason. Any ideas?
-- Craig Kelley <ckelley@ibnads.com> In-Store Broadcasting Network -- Craig Kelley <ckelley@ibnads.com> In-Store Broadcasting NetworkReceived on Mon Apr 21 2003 - 11:34:05 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:15:07 MST