Hi Steve / Anybody else interested
After a few weeks we got an internal programmer to add the features we wanted to the auth system
We actually have it done for basic and for digest..
I am not sure about the posting of files to this list so I won't post it but if anybody was willing to take the code and maintain it I would be more than happy to post it up somewhere.
basically it converts a plain username
example:
username = fred / fred becomes fred@xxxxxxxxx
if fred auths with fred@xxxxxxxxxxxxxxxxx
then the modification actually ignores the ip appendage and continues on it's way
I hope this makes some sense and is roughly what people are looking for
Please let me know what I should be doing with this patch and where I can submit it for future users as I do not want it just left in the dark and would of course love to see somebody actively maintaining it.
PS. This patch is only tested and used on version 2.5 Stable release (somebody else may have better luck with modifying it to suite versions onwards)
Scott
On 11/04/2005, at 1:19 PM, Steve wrote:
Hi David and all,
I found this thread in the old archive of squid-users. Any updates on the status of your patch you mentioned before?
Thanks, Steve.
David Brown wrote:
On Wed, 19 Jan 2005 23:17:58 +0100 (CET), Henrik Nordstrom <hno@xxxxxxxxxxxxxxx> wrote:
On Mon, 17 Jan 2005, Scott wrote:
Sorry Henrik, should have elaborated a little... I have over 1000 customer
sites.. that would be a little ugly to set up and very ugly to maintain.
Not very, but a little yes.
It must be another proxy (such as Squid) and it must support forwarding of
the user credentials to another proxy but with a modified username (which
Squid does btw.. see the login= cache_peer option).
I'll take a look at this me thinks
I am not sure you will find any which does what you want.
Probably easier to modify Squid to your desires. If you use Basic
authentication then all you should need to modify is the decoding of the
authentication header to always add the client ip to the username.
see src/auth/basic/auth_basic.c authenticateBasicDecodeAuth()
Henrik / All,
My company has actually subcontracted out this partcular task and we implemented the solution yesterday. (We needed to do username rewriting based on client source IP). The code writers have said that they are happy to release the patch to the community however there's a raft of red tape, intellectual property and management approval to be done before we can. Hopefully there won't be any objections and we can release the patch for possible inclusion in squid.
Will keep the list posted.
Regards David Brown
Regards Henrik
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Please notify the sender immediately by email if you have received this email by mistake and delete this email from your system. Please note that any views or opinions presented in this email are solely
those of the author and do not necessarily represent those of the organisation. Finally, the recipient should check this email and any attachments for the presence of viruses. The organisation accepts no liability for any damage caused by any virus transmitted by this email.
