On Fri, Aug 29, 2003 at 05:31:40PM +0200, Henrik Nordstrom wrote:
> Enable log_mime_hdrs and pay attention to the Proxy-Authorization
> headers sent by the browser. This header contains BASE64 encoded
> login:password, and if it shows differences between a failed and a
> successful request when you think both should have worked then your
> browser is goofing up.
I solved the problem. The fault lay deep in the squid.conf. :)
Our cluster consisted of multiple nodes which use each other as
siblings. The one proxy node that caused our reauthentication problem
tried to use another node as a sibling, which - in turn - missed an ACL
to allow just these sibling accesses. Why this lead to a 407 instead of
an internal error is not clear to me.
The log files were very confusing. Henrik, is it possible to throw a
warning into the cache.log if the sibling access was denied? I don't
have any debug options on currently but think this would be important
enough to be written to the logs. Maybe I have even overlooked it
stupidly.
Christoph
-- ~ ~ ".signature" [Modified] 3 lines --100%-- 3,41 AllReceived on Mon Sep 01 2003 - 03:21:50 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:19:27 MST