Re: [squid-users] Add authorization header?

From: Chris Robertson <crobertson_at_gci.net>
Date: Wed, 15 Apr 2009 15:17:46 -0800

austijc wrote:
> I'm trying to have squid add an authorization header when a user accesses a
> particular URL pattern. Here's the situation;
>
> Internal users access the Internet through squid and authenticate to an LDAP
> server.
>
> We have a partner site we'd like to give access to these users but local
> users do not have individual accounts on that server. Instead the partner
> provides a single login for all our users.
>
> So, I'd like to automatically add that single login information to the
> request when the local users access the URL pattern. That allows them to
> login to the proxy once and then access the partner site without having to
> login again or even know the login/password of that site.
>
> Does squid support anything like that? I've been digging through the manual
> but haven't found anything.
>

Have a look at cache_peer.

Something like...

cache_peer partner.example.com parent 80 0 no-query originserver
login=account:password
acl partner dstdomain .partner.example.com
cache_peer_access partner.example.com allow partner
cache_peer_access partner.example.com deny all

...should (if I have my directives correct) pass requests for any
subdomain for partner.example.com (inclusive of partner.example.com
itself) to partner.example.com AND supply HTTP authorization credentials
of "account" and "password".

> Can the request be modified by an external program?
>

Chris
Received on Wed Apr 15 2009 - 23:18:05 MDT

This archive was generated by hypermail 2.2.0 : Thu Apr 16 2009 - 12:00:01 MDT