[squid-users] https proxy authentication

Adam Weremczuk adamw at matrixscience.com
Tue Apr 10 14:07:35 UTC 2018


Hi Amos,


On 30/03/18 02:44, Amos Jeffries wrote:
> So, the big question is why you have this setup of Apache being a
> reverse-proxy for a Squid forward-proxy?
>
> Forward-proxy are supposed to be between clients and reverse-proxies or
> origins. Not the other way around.
This is a set up I inherited with not much being documented.
I think the purpose was to split the functionality as below:
- direct unauthenticated proxy for every day usage ("proxy")
- hopping through Apache which provides http authentication for sporadic 
testing use only ("aproxy")
> What are you actually trying to achieve here?
The big picture is we need to test some code against various proxy 
scenarios (http, https, authenticated, unauthenticated).
ATM we only have http authentication.
I would imagine real live proxy setups use encrypted https for 
authentication more often than plain text http.
Am I correct with my assumption?

If that's the case then my goal is to get https authentication working 
as well.
If there is no way I can easily get it to work with the existing config 
I guess I can set up a new Apache hop.
Authenticating over https only and called e.g. "bproxy".
Would that make most sense?

Thanks
Adam


More information about the squid-users mailing list