[squid-users] can squid handle indirect request from clients ?
Amos Jeffries
squid3 at treenet.co.nz
Tue Feb 17 21:48:36 UTC 2015
On 18/02/2015 3:04 p.m., snakeeyes wrote:
> Thanks eleizer , but does it support other types like radius authentication ?
>
> I mean all types of authentications are forbidden in intercept mode ?
<http://wiki.squid-cache.org/SquidFaq/InterceptionProxy>
"
* Why can't I use authentication together with interception proxying?
Interception Proxying works by having an active agent (the proxy) where
there should be none. The browser is not expecting it to be there, and
it's for all effects and purposes being cheated or, at best, confused.
As an user of that browser, I would require it not to give away any
credentials to an unexpected party, wouldn't you agree? Especially so
when the user-agent can do so without notifying the user, like Microsoft
browsers can do when the proxy offers any of the Microsoft-designed
authentication schemes such as NTLM (see SquidFaq/ProxyAuthentication
and Features/NegotiateAuthentication).
In other words, it's not a squid bug, but a browser security feature.
"
Amos
More information about the squid-users
mailing list