So the answer appears to be that although squid has the mechanics of an http to ftp gateway that can be made to work for anonymous ftp, there is no provision in the standards or in squid for accomodating a user name from the browser address window.
While I appreciate that there are probably many ways around this limitation, probably the easiest for the short term that will not run amok will be to rewrite http://www.ftpserver.com/realuser to ftp://[EMAIL PROTECTED] Looks good to http and gives ftp what it needs. Thanks for all the help. -- Jim Flowers<[EMAIL PROTECTED]> ---------- Original Message ----------- From: Henrik Nordstrom <[EMAIL PROTECTED]> To: "Jim Flowers" <[EMAIL PROTECTED]>, Squid Users <[EMAIL PROTECTED] cache.org> > > > 1. http://www.ftpserver.com rewritten to ftp://ftp.ftpserver.com. > > Squid assumes anonymous and with no anonymous on ftp.ftpserver.com, > > it fails. No prompt for user/password is returned to browser. > > Squid assumes what the URL says, which is anonymous FTP. > Which works with proxy-cache and real ftp:// because when anonymous is not present, browser pops up auth window. > > > 4. rewritten to ftp://[EMAIL PROTECTED] returns a popup > > with 'realm ftp dummyuser'. Enter realuser and realpassword does > > not work. > > You can modify this criteria in ftpCheckAuth function in src/ftp.c. > The default is to require that the user name is the same, but it is > not a strict requirement. So, remove the restriction and rewrite using a dummyname (e. g. squid@ or something that looks good as a realm) to trigger the request for real username and password. > > > 5. any attempt to provide the username from the browser using @ (e. > > g. http://[EMAIL PROTECTED]) fails to get to the > > redirector program whether a redirector_access acl is used or not. > > Correct. HTTP does not have such username syntax in the URL. > > > 6. If I escape the @ in the browser entry (e.g. > > http://[EMAIL PROTECTED]) it makes it to the redirector. > > The rewrite is altered, however, resulting in DNS lookup failuer of > > the rewritten URL. > > If it makes it to the redirector then it can be made to work. You > just need to make sure the redirector gives corred URL back. > > However, do not assume that the above syntax will work in all > browsers. It is not a valid URL syntax. Also, there is no chance > this will work in accelerator mode. and besides, it's ugly.
