Re: [squid-users] transparent proxy and ldap_auth

From: Colin Campbell <sgcccdc@dont-contact.us>
Date: Wed, 6 Jun 2001 09:28:59 +1000 (EST)

Hi,

On Tue, 5 Jun 2001 cjmsquid@mtl.centresjeunesse.qc.ca wrote:

> We are using Squid 2.3.STABLE3-ldap_auth (with the patch from
> http://www.fatgut.org/squid/group_ldap_auth).
>
> In the squid.conf it give us this warning :
>
> " WARNING: ldap_auth can't be used in a transparent proxy.
> It collides with any authentication done by origin servers.
> It may seem like it works at first, but it doesn't. "
>
> I would like to have I bit more on why it does not work.

No authentication method can work with a transparent proxy. How can the
browser send a "proxy-authentication" field in the HTTP headers when, as
far as it knows, there's no proxy in use? Think about it. It's not squid
that would need fixing. You'd need to fix the browser so that when it got
a "407(?) proxy authentication required" it would request a password and
forward that to the non-existant proxy in the HTTP headers of the request.

Colin
Received on Tue Jun 05 2001 - 17:30:20 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:00:29 MST