On 23/05/11 23:59, Tsachi wrote:
Hey I am checkig Squid 3.2.0.5.
I have a question regarding some behavior I noticed.
Configuring a parent proxy with login=PASS.
No user or passwords are configured in ACL.
A client makes a normal http request without any authorization header.
Squid process the request and sends it to the parent proxy with the
header field "proxy-authorization: Basic xxxxx"
I guess this is because the httpFixupAuthentication (http.cc) is
called and reach the end and set httpHeaderPutStrf(hdr_out, header,
"Basic %s",base64_encode(orig_request->peer_login));
Is that how it is suppose to be?
Yes. "login=PASS" *requires* login to be sent and goes to some lengths
to locate a login for passing on.
Am I missing here something?
If you need Squid to pass the exact login/non-login state of requests
through to a peer use "login=PASSTHRU" which was added in 3.2. This will
make Squid transparent regarding the Proxy-Auth headers.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.12
Beta testers wanted for 3.2.0.7 and 3.1.12.1
