On Wed, 12 Nov 2003, Alex Collins wrote: > 1) Could this session cookie based auth possibly work with squid. I'm > 100% open to suggestions.
Session cookie auth schemes works with web sites, not general Internet proxies. This is because cookies are connected to domains visited, not proxy servers, and also considered a property of the request to be sent to the web server by the HTTP protocol. What this means is that you can use cookie auth schemes in a Squid running as a surrogate/reverseproxy server infront of your (or specific) web sites, but not in a Squid running as a general Internet HTTP proxy. > 2) I'd also like to avoid the User Config of the .pac file URL - maybe > auto send it as required - can this be done ? If you want the browser to use a specific proxy then the browser needs to be told this via the configuration methods supported by the browser. What methods are applicable depends on how much control you have over the environment where the browser runs. > 3) Could a small java app push everything through the proxy after they > are authenticated and identified as being off campus? Maybe sent from > the squid server, maybe a.n.other web server. This could also help > eliminate a further set of issues relating to Citrix ICA stuff. Don't quite follow this. > 4) Am I totally barmy for even attempting this in the first place ? Maybe, maybe not. Regards Henrik