ons 2010-07-14 klockan 12:07 -0700 skrev Mike Melson:
> Digest authentication fails because the uri=<string> in the
> Authorization header isn't rewritten & so it doesn't match the POST
> URI created by url-rewrite-program. Is there a way to also rewrite the
> uri string in the Authorization header before squid sends it to the
> originserver?
No, it's included in the one-way digest authentication hash, and
included in the Authorization header just to deal with cases like this.
digest-uri
The URI from Request-URI of the Request-Line; duplicated here
because proxies are allowed to change the Request-Line in transit.
You need to make the server accept the digest-uri as valid in the
Authorization header, or get rid of the need to rewrite the URI.
Note: The server is meant to use digest-uri when verifying the Digest
authentication hash, not the Request-URI.
Regards
Henrik
Received on Sat Jul 17 2010 - 21:20:39 MDT
This archive was generated by hypermail 2.2.0 : Mon Jul 19 2010 - 12:00:04 MDT