Dear Henrik,
I have just glanced through the documentation and I have one more doubt
about reverse ssl. Is it to use the redirector to "redirect" the
unauthenticate incoming http request to https for authentication and
afterwards, use redirector again to "redirect" again to http. For
example,
http://abc.abc.com -> https://abc.abc.com for authentication ->
http://abc.abc.com/ (authenticated)
Thx & Best Regards,
Jonathan Chiu
OLAPL
OOCL Logistics (Hong Kong) Ltd.
Unit 1, 4/F, Sun Hung Kai Centre
30 Harbour Road, Wanchai
Hong Kong
email: jonathan.chiu@oocl.com
Tel: 852. 2990-0174
Fax: 852. 2824-9017
-----Original Message-----
From: JONATHAN CHIU (ISD-OLAPL/HKG)
Sent: Friday, March 26, 2004 9:04 AM
To: hno@squid-cache.org
Cc: squid-users@squid-cache.org
Subject: RE: [squid-users] reverse ssl problem.
Henrik,
Many thx again for your clear direction.
Thx & Best Regards,
Jonathan Chiu
OLAPL
OOCL Logistics (Hong Kong) Ltd.
Unit 1, 4/F, Sun Hung Kai Centre
30 Harbour Road, Wanchai
Hong Kong
email: jonathan.chiu@oocl.com
Tel: 852. 2990-0174
Fax: 852. 2824-9017
-----Original Message-----
From: Henrik Nordstrom [mailto:hno@squid-cache.org]
Sent: Thursday, March 25, 2004 4:11 PM
To: JONATHAN CHIU (ISD-OLAPL/HKG)
Cc: squid-users@squid-cache.org
Subject: RE: [squid-users] reverse ssl problem.
On Thu, 25 Mar 2004 jonathan.chiu@oocl.com wrote:
> Dear Henrik,
>
> Many thx for your advise, what I would need to do is to setup SSL
> authentication to protect user name / password when obtaining access
> from intranet. After logging into squid thru https, browser client
from
> internet may change back to http (without 's') for continuing the web
> surfing. (Some of the intranet application like video streaming with
> mjepg does not working with https)
No problem there.
If you do not need https "on the inside" then Squid-2.5 is sufficient.
Even authentication in accelerators/reverse proxies is possible in
Squid-2.5 but requires a hidden define to be enabled.
If you need https "on the inside" then Squid-3 or Squid-2.5 + ssl update
is needed. In Squid-3 authentication for accelerators/reverseproxies
works
by default and no hidden define is needed.
Regards
Henrik
IMPORTANT NOTICE
Email from OOCL is confidential and may be legally privileged. If it is
not intended for you, please delete it immediately unread. The internet
cannot guarantee that this communication is free of viruses,
interception or interference and anyone who communicates with us by
email is taken to accept the risks in so doing. Without limitation,
OOCL and its affiliates accept no liability whatsoever and howsoever
arising in connection with the use of this email. Under no
circumstances shall this email constitute a binding agreement to carry
or for provision of carriage services by OOCL, which is subject to the
availability of carrier's equipment and vessels and the terms and
conditions of OOCL's standard bill of lading which is also available at
http://www.oocl.com.
IMPORTANT NOTICE
Email from OOCL is confidential and may be legally privileged. If it is not intended for you, please delete it immediately unread. The internet cannot guarantee that this communication is free of viruses, interception or interference and anyone who communicates with us by email is taken to accept the risks in so doing. Without limitation, OOCL and its affiliates accept no liability whatsoever and howsoever arising in connection with the use of this email. Under no circumstances shall this email constitute a binding agreement to carry or for provision of carriage services by OOCL, which is subject to the availability of carrier's equipment and vessels and the terms and conditions of OOCL's standard bill of lading which is also available at http://www.oocl.com.
Received on Thu Mar 25 2004 - 22:47:57 MST
This archive was generated by hypermail pre-2.1.9 : Thu Apr 01 2004 - 12:00:03 MST