Re: [squid-users] enabling X-Authenticated-user

From: Brett Lymn <brett.lymn_at_baesystems.com>
Date: Thu, 1 Mar 2012 15:36:41 +1030

On Thu, Mar 01, 2012 at 03:17:43PM +1030, Michael Hendrie wrote:
>
> I have a commercial web filtering and reporting product (although I think different from yours) that can also make use of the X-Authenticated-User header (as well as other user identification methods).
>
> I have previously patched 3.0 versions of squid using the patch from http://www.squid-cache.org/mail-archive/squid-dev/201004/0199.html.
>
> I'm sure it wouldn't be too hard to port to other versions of squid.
>

Thanks, that does save me a bit of work but I am reticent of doing an
"unofficial" patch for fear of it breaking when I upgrade squid and
having to respin the patch - I can easily do the respin but others may
not be able to do this which is a bit of a problem.

I think Amos has been pretty clear that this won't be a supported header
and I can understand the reasoning for that. Having a look at the
instructions for the BlueCoat it started me thinking that maybe a way to
approach this in squid is to do something similar - allow a user defined
header to be inserted. Something like:

insert_user_header X-Foo-Bar %u

Where %u is replaced by the username - if the username is null the
header is not inserted. This would mean that the squid code never has
any non-standard headers in the code base but users can happily shoot
holes in their own feet.

-- 
Brett Lymn
"Warning:
The information contained in this email and any attached files is
confidential to BAE Systems Australia. If you are not the intended
recipient, any use, disclosure or copying of this email or any
attachments is expressly prohibited.  If you have received this email
in error, please notify us immediately. VIRUS: Every care has been
taken to ensure this email and its attachments are virus free,
however, any loss or damage incurred in using this email is not the
sender's responsibility.  It is your responsibility to ensure virus
checks are completed before installing any data sent in this email to
your computer."
Received on Thu Mar 01 2012 - 05:07:02 MST

This archive was generated by hypermail 2.2.0 : Thu Mar 01 2012 - 12:00:05 MST