RE: [squid-users] PAM auth with transparent proxy from Chris Robertson on 2005-06-28 (squid-users)

From: Chris Robertson <crobertson@dont-contact.us>
Date: Tue, 28 Jun 2005 13:16:57 -0800

> -----Original Message-----
> From: Odhiambo Washington [mailto:wash@wananchi.com]
> Sent: Saturday, June 25, 2005 7:51 PM
> To: squid-users@squid-cache.org
> Subject: Re: [squid-users] PAM auth with transparent proxy
>
>
> * Varun <varun@sriaurobindoashram.com> [20050626 06:30]: wrote:
>> Hello,
>> Will PAM work with transparent proxy ?
>
> I should think the answer to this is a FAQ.
> While reading squid.conf to solve another problem with transparent
> proxying, I saw this comment:
>
>
> # WARNING: authenitcation can't be used in a transparently
> # intercepting proxy as the client then thinks it is talking to an
> # origin server and not the proxy. This is a limitation of bending the
> # TCP/IP protocol to transparently intercepting port 80, not a
> # limitation in Squid.
>
> (there is a typo in the file - s/authenitcation/authentication/)
>
> This has made me go thinking hard .... I wanted to use the very same
> trick ;)
>
>
> I also saw another interesting comment:
>
> # WARNING: proxy_auth can't be used in a transparent proxy. It
> # collides with any authentication done by origin servers. It may
> # seem like it works at first, but it doesn't.
>
>
> Please go and look at the FAQ. If you get a way, kindly CC me on
> your solution.
>
>
> -Wash

The FAQ should be amended to state that "HTTP authentication can't be
used..."