Dear all, we configured Squid 3.4.9 as Reverse Proxy/Accellerator versus some virtual machines located geographically in different country integrating it with a Geo DNS solution to routing the various user requests to the Squid Reverse Proxy nearest to them. These virtual machines hosts a J2EE Web Portal.
This Reverse Proxy provides to the users a huge amount of images and reduce a lot the download time for that countries away from the primary data center (see China, India, etc.). These images are at the moment freely accessible without authentication. The portal behind squid uses a custom authentication form where the user insert his "Username" and "Password" in an HTTP Form and these credentials are routed to a J2EE Servlet (through an HTTP Post) that perform various authentication checks and release a cookie to grant the session to the other dynamic contents. We would like to understand if there are possible solutions to protect the images on the Squid Reverse Proxy and makes them only available after the user is authenticated. Another possible workaround is perform some random scramble of the image URL but continuing to permitting the caching of the sames. Thanks and best regards, Guido M. _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
