[squid-users] Documentation for squidclient?

Amos Jeffries squid3 at treenet.co.nz
Mon May 22 19:53:53 UTC 2017

On 23/05/17 07:11, erdosain9 wrote:
> Ok,
> Thanks.
> We are using a windows server 2012...
> Can you explain to me how the negotiate authenticator works??


> how works? when a user want browser to a page, the squid, use the
> authenticator for know if can browse??

If your ACLs configuration requires credentials for that request, yes.

>   every time? for every single web
> pages?

HTTP is stateless. Each request is required to contain all the necessary 
details to server it. So every single time a request is sent to the 
proxy credentials are needed in that message.

Note that "page" is a UI concept, one "page" may be a few or hundreds of 
objects - one request is sent to the proxy for each object that needs 
fetching or updating by the Browser.

Squid does not use the helper for every request though. The Negotiate 
and NTLM schemes authenticates a TCP connection (not a user), so once a 
request has been authenticated those credentials are "cached" as peer of 
the connection state and the credentials on further requests are simply 
compared against the previous ones until their TTL expires.


More information about the squid-users mailing list