[squid-users] Login/Pass from squid to Squid
FredB
fredbmail at free.fr
Thu Nov 3 15:25:17 UTC 2016
> Authentication credentials represent and verify the identity of your
> proxy. That is a fixed thing so why would the credentials used to
> verify
> that static identity need to change?
I'm only speaking about users identities, not something like cache_peer login=XXX
So each user must have is own ID
>
> NP: Proxy-auth is not related to the message itelf, but to the
> transport
> mechanism. Do not confuse the identity of the proxy/sender with the
> traffic flowing through it from other sources.
Yes
>
> That said, you can use request_header_add to add whatever headers you
> like to upstream requests. Even proxy-auth headers. You just cant
> easily
> handle any 407 which result from that when the credentials are not
> accepted. So the ACL you use better be 100% accurate when it matches.
Ah ok great, so maybe we can imagine something like this
If an acl match a specific address (eg 10.1.1.1) I put Authorization: BASIC Z3Vlc3Q6Z3Vlc3QxMjM= ?
It's what I was talking about helper, maybe a separate program should be better for matching IP=USERNAME
If there is many users the ACL will be very long and complex ...
Thanks for your help
More information about the squid-users
mailing list