Hello Henrik,
I understood your explanation like this.
client <-----> proxy <----> Internet
The Scenario is Transparent proxy Authentication using Cookies, and all the
traffics are passed through the proxy. When the user access a web page for
the first time, he is redirected to a login page say
http://mydomain.com/login.php and the cookie is used to store the
credentials after the successful authentication and after that the user is
redirected to the original website that he/she was trying to access. But
this time the browser will not send the cookie credentials bcos, the is a
different domain. You explained as, "since the proxy has the full control of
the traffic passing thru it, it can play games on the browser and issue
cookie for all the visited domains". But with this, only the proxy can add
the credentials but what actually needed is, only the proxy needs the
credentials from the browser. How come the works or i am not understood
clearly?
Thanks,
Senthil Murugan
On Fri, 28 Oct 2005, Senthil Murugan wrote:
I just wanted to know how cookies are used for storing the username and
passwd. Bcos, i heard that cookies are domain dependent. So how cum it
works
or am i wrong
The cookies are indeed domain dependent, but since the proxy has full
control of the traffic passing thru it, it can play games on the browser
and issue cookies for all visited domains.
