Re: Squid 3.2 Parent proxy login=PASS

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 24 May 2011 00:13:17 +1200

On 23/05/11 23:59, Tsachi wrote:
> Hey I am checkig Squid 3.2.0.5.
> I have a question regarding some behavior I noticed.
> Configuring a parent proxy with login=PASS.
> No user or passwords are configured in ACL.
>
> A client makes a normal http request without any authorization header.
> Squid process the request and sends it to the parent proxy with the
> header field "proxy-authorization: Basic xxxxx"
>
> I guess this is because the httpFixupAuthentication (http.cc) is
> called and reach the end and set httpHeaderPutStrf(hdr_out, header,
> "Basic %s",base64_encode(orig_request->peer_login));
>
> Is that how it is suppose to be?

Yes. "login=PASS" *requires* login to be sent and goes to some lengths
to locate a login for passing on.

> Am I missing here something?

If you need Squid to pass the exact login/non-login state of requests
through to a peer use "login=PASSTHRU" which was added in 3.2. This will
make Squid transparent regarding the Proxy-Auth headers.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.12
   Beta testers wanted for 3.2.0.7 and 3.1.12.1
Received on Mon May 23 2011 - 12:13:24 MDT

This archive was generated by hypermail 2.2.0 : Mon May 23 2011 - 12:00:04 MDT