Re: Squid: Passing url to authenticator

From: Dancer <dancer@dont-contact.us>
Date: Tue, 24 Aug 1999 07:36:30 +1000

Henrik Nordstrom wrote:
>
> I think you should get in touch with Dancer. He has made something along
> these lines.
>
> I don't expect mainstream Squid to accept such a change to
> authenticators since it would prevent caching of user credentials, and
> caching is badly needed for many of the authenticators contacting other
> authentication servers, or a Squid proxy could easily overload the
> backend authentication server (not to mention the added latency which
> for some methods can be a second or more).

I fixed the caching issue with
IPs+usernames-returned-from-the-authenticator and credentials in the
end. As soon as I'm more fully recovered from Mister Heart Attack, I'll
be assembling that up into a patch.

I am also dubious about the URL being passed at that stage, and
authenticator load, yes.

> What I think could be accepted to mainstream Squid distribution is
> perhaps an process based ACL type which calls an external access control
> process.
>

A second authenticator step? Hmm. That's got possibilities.

> /Henrik
>
> Wade Komisar wrote:
> >
> > Henrik:
> >
> > I am about to hack on Squid big time to enable the url to be passed to
> > my authentication module along with userid and password. But, before I
> > do, I want to check to make sure you or someone else on the Squid squad
> > had not done such a hack already. If so, could you pass me the code.
> > If not, would you accept my hack to be placed in the Squid distribution?
> >
> > Wade
> > --
> > ========================================================================
> > Wade B. Komisar Comp. Sys. Sr. Engineer, Advanced Technology Group
> > Komisar@Virginia.EDU Office of Information Technology
> > voice: 804.924.7171 University of Virginia
> > fax: 804.982.2777 Carruthers Hall, 1001 N. Emmet St.
> > http://www.people.virginia.edu/~wbk3a/ Charlottesville, VA 22906-9005
Received on Tue Jul 29 2003 - 13:16:00 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:12:17 MST