On Fri, May 23, 2008 at 07:39:04AM +0800, Adrian Chadd wrote:
> On Thu, May 22, 2008, Marc Haber wrote:
> > > Nope, but you have to figure out how to get the browser to always present
> > > the cookie, regardless of domain.
> >
> > Ah, ok, I _was_ naive for that.
> >
>
> Some commercial stuff used to do cookie-insert for every domain that
> was going through the proxy; I think it worked by inserting a cookie
> with a special name that was then used as an authentication token.
That could work, but why the trick with the special name? One could
just set an "X-squid-ID:" to the identd value obtained from the client.
> I have no idea if this'll work for CONNECT (I didn't think cookies were
> thrown across the initial CONNECT session)
CONNECT connections usually last a little bit longer, so I could
probably live with a single identd request per CONNECT.
> Besides, how many connections a second are you talking about? A modern
> box can handle thousands a second.
The box running the clients is an X host for 300 users using hogs like
Mozilla and OpenOffice.org, so while it is surely possible to handle
one ident request by http request, I have an intense dislike for that
solution and would love to have a way to cut down on the number of
ident requests that does not require users to explicitly log in to
surf the web.
Greetings
Marc
-- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190Received on Mon May 26 2008 - 10:02:16 MDT
This archive was generated by hypermail 2.2.0 : Tue Aug 05 2008 - 01:05:14 MDT