Hi, Amos
> Um, what is your use-case here?
> * Squid logging into the ICAP server?
> * Performing Basic auth with different realms based on ICAP criteria?
+------+
|server|
+-+----+
|
---+--+---------
|
+----+-----+ +-------------+ +----------+
| squid | <------> | ICAP server | <---> | AD |
+----------+ reqmod +-------------+ auth +----------+
|
---+--+---------
|
+-+----+
|client|
+------+
* The ICAP server has BASIC authentication feature "by itself".
So, ICAP server returns
HTTP/1.0 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm="XXXXX"
* I don't use squid's authentication feature.
I'd like squid to permit the header. Do you understand ?
Sincerely,
-- Mikio Kishi On Sun, Aug 15, 2010 at 10:40 AM, Amos Jeffries <squid3_at_treenet.co.nz> wrote: > Mikio Kishi wrote: >> >> Hi, all >> >> If the icap server(reqmod) responses the following, >> >> HTTP/1.0 407 Proxy Authentication Required >> Proxy-Authenticate: Basic realm="XXXXX" >> >> squid try to delete the Proxy-Authenticate header .... >> >>> client_side_reply.cc >>> 1218 // if there is not configured a peer proxy with login=PASS >>> option enabled >>> 1219 // remove the Proxy-Authenticate header >>> 1220 if ( !(request->peer_login && >>> strcmp(request->peer_login,"PASS") ==0)) >>> 1221 reply->header.delById(HDR_PROXY_AUTHENTICATE); >> >> The above codes is that. For your information, squid 3.0 is no problem. >> What do you think ? >> >> Squid version: 3.1.6 > > Um, what is your use-case here? > * Squid logging into the ICAP server? > * Performing Basic auth with different realms based on ICAP criteria? > > Amos > -- > Please be using > Current Stable Squid 2.7.STABLE9 or 3.1.6 > Beta testers wanted for 3.2.0.1 >Received on Sun Aug 15 2010 - 18:13:40 MDT
This archive was generated by hypermail 2.2.0 : Mon Aug 16 2010 - 12:00:02 MDT