[squid-users] Squid as Kerberos client?

Eliezer Croitoru eliezer at ngtech.co.il
Wed Mar 28 07:36:45 UTC 2018


I yet to fully understand the scenario but I might have some ready to use services for some of these options.

Eliezer

----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer at ngtech.co.il



-----Original Message-----
From: squid-users <squid-users-bounces at lists.squid-cache.org> On Behalf Of Amos Jeffries
Sent: Saturday, March 17, 2018 15:48
To: Patrick Nick <peedee.nick at gmail.com>
Cc: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] Squid as Kerberos client?

On 17/03/18 06:41, Patrick Nick wrote:
> Thank you. It doesn't seem that the "originserver" makes a difference to
> may case though.
> 
> I was able to resolve my issue after I understood that I forgot to pay
> attention to cookies. The API expects the client to use cookies, which I
> didn't do until now, which resulted in a continuous "401 Unauthorized" loop.
> 

Ah, Cookies. The bane of the Internet. They can be dealt with, but you
are not going to like the difficulty level.

Your choices AFAIK (in order of easiest to seriously tricky) are to
write an eCAP module, ICAP service, or custom external ACL helper(s)
with fairly complex squid.conf settings to use the latter.

Amos
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users



More information about the squid-users mailing list