[squid-users] Login/Pass from squid to Squid

FredB fredbmail at free.fr
Thu Nov 3 15:25:17 UTC 2016

> Authentication credentials represent and verify the identity of your
> proxy. That is a fixed thing so why would the credentials used to
> verify
> that static identity need to change?

I'm only speaking about users identities, not something like cache_peer login=XXX 
So each user must have is own ID 

> NP: Proxy-auth is not related to the message itelf, but to the
> transport
> mechanism. Do not confuse the identity of the proxy/sender with the
> traffic flowing through it from other sources.


> That said, you can use request_header_add to add whatever headers you
> like to upstream requests. Even proxy-auth headers. You just cant
> easily
> handle any 407 which result from that when the credentials are not
> accepted. So the ACL you use better be 100% accurate when it matches.

Ah ok great, so maybe we can imagine something like this

If an acl match a specific address (eg I put Authorization: BASIC Z3Vlc3Q6Z3Vlc3QxMjM= ?
It's what I was talking about helper, maybe a separate program should be better for matching IP=USERNAME 

If there is many users the ACL will be very long and complex ... 

Thanks for your help

More information about the squid-users mailing list