On Wed, 24 Sep 2003, Wilshire, Andrew wrote:
> When I look inside access.log on the PARENT (2nd tier) cache of the
> first-tier cache I see
>
> 1064290276.165 4844 eee.fff.ggg.hhh TCP_MISS/200 10100 GET
> http://www.nzherald.co.nz/pics/ACFNAA.Taimy.JPG -
> FIRST_UP_PARENT/3rdtiercache.fqdn.co.nz image/jpeg
>
> What I need to accomplish is to get the domain/username passed through to
> the PARENT cache so that I may use a filtering product on our 2nd tier
> proxy.
Then you need to set up a system where "faked" logins are used to the 2nd
tier proxy. You can set up the first proxy to log in with the same
username but a static password. See the login= cache_peer option.
This also requires reconfiguring the parent proxy to require basic
authentication and know about the static password assigned to the first
proxy.
> Do I need to recompile Squid on the 2nd tier cache with ntlm_auth support?
Won't help. You can't proxy ntlm_auth due to the nature of NTLM.
Regards
Henrik
Received on Tue Sep 23 2003 - 18:46:49 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:20:00 MST
