RE: User Authentiction

From: Joey Coco <anesthes@dont-contact.us>
Date: Thu, 16 May 2002 07:47:23 -0500 (EST)

Hi Rob,

> Not true. Only requests that trigger proxy_auth acl checks will trigger
> authentication.
>
> > What I'd like to do, is set it up so genericly noone (regardless of IP
> > network) is prompted for authentication, however, if one
> > wishes to "log in" they can clink on a link, or in some other
> > way trigger the authentication routines.
>
> Just allow certain destinations without proxy auth.

True on both accounts, and that would prolly work for most people that
want to authenticate when going to a few pre-defined destinations. But it
won't really work for me, because we're not restricting access by using
ACL's.

I've written some custom functionality that will make decisions to allow
access or not, based on destinations, time of day, and other criteria -
but currently everyone is treated Equal.

I've tested load, and I've peaked around 800 http requests per second, so
its fairly stable. At close to a million ACL rules within my custom code,
if I transformed that to Squid's native ACL, I'm not sure how long it
would run for. :)

I really just need to trigger proxy_auth on demand.

-- Joe
Received on Thu May 16 2002 - 06:30:23 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:15:27 MST