[squid-users] https proxy authentication
Adam Weremczuk
adamw at matrixscience.com
Tue Apr 10 14:07:35 UTC 2018
Hi Amos,
On 30/03/18 02:44, Amos Jeffries wrote:
> So, the big question is why you have this setup of Apache being a
> reverse-proxy for a Squid forward-proxy?
>
> Forward-proxy are supposed to be between clients and reverse-proxies or
> origins. Not the other way around.
This is a set up I inherited with not much being documented.
I think the purpose was to split the functionality as below:
- direct unauthenticated proxy for every day usage ("proxy")
- hopping through Apache which provides http authentication for sporadic
testing use only ("aproxy")
> What are you actually trying to achieve here?
The big picture is we need to test some code against various proxy
scenarios (http, https, authenticated, unauthenticated).
ATM we only have http authentication.
I would imagine real live proxy setups use encrypted https for
authentication more often than plain text http.
Am I correct with my assumption?
If that's the case then my goal is to get https authentication working
as well.
If there is no way I can easily get it to work with the existing config
I guess I can set up a new Apache hop.
Authenticating over https only and called e.g. "bproxy".
Would that make most sense?
Thanks
Adam
More information about the squid-users
mailing list