Hi Henrik,
Thanks a lot for your help with this.
As far as the last point goes (pages being cached and then served to a
user who should be blocked from seeing them), I was wondering whether it
would be possible to get round this (in a fairly nasty way) using the
refresh_pattern configuration option?
If I had a configuration line something like:
refresh_pattern -i .* 0 0% 0 override_expire override_lastmod
would I be right in thinking that Squid would check whether every page
had been changed before serving it?
If I am right about this, how does Squid check whether a page has been
modified (when Squid is configured to use an upstream proxy)? Does it
cache pages even if they've expired and send an If-Modified-Since
request, or does it download the page again? Obviously, in the latter
case the Squid cache would be entirely redundant with the above
directive, so it's a particularly poor solution!
Regards, and thanks for any help,
Steffan
Henrik Nordstrom wrote:
mån 2007-01-15 klockan 14:53 +0000 skrev Steffan Corley:
1. Is NTLM passthrough actually implemented?
Yes.
I can find nothing in the Squid documentation.
Hmm.. thoght we had a blurb about this in the release notes, apparently
not... I'll make sure there is one for the next release.
Does it do what I would need for this to actually work (i.e. maintain
a 1-1 mapping between client connections and connections to the
upstream proxy)?
You only need to do stuff if you don't want the feature.. (other than
upgrading)
2. Will the cached pages get served to different users without
checking whether the upstream ISA server would have blocked them for
this user?
If they are cacheable yes, or at least that's the intention. Have not
verified.
I.e. if user A visits www.dodgy.com and is not blocked by ISA server,
will www.dodgy.com be served from the cache to user B regardless of
whether the ISA server would have blocked them or not.
Probably, if the page was cacheable.
Regards
Henrik
