On Thu, 2008-04-10 at 16:38 +0200, Davide Meloni wrote: > On Thu, Apr 10, 2008 at 3:51 PM, Alex Rousskov > <rousskov@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > > > However, if the X-Authenticated-User header is in the HTTP message, then > > the patch you found is irrelevant as it only affects the ICAP headers. > > Please double check and we will go from there. > > > Alex, > I suppose that the 'X-Authenticated-User' value are in the header. > Here the packet sniffed: > > Frame 14 (674 bytes on wire, 674 bytes captured) > Ethernet II, Src: xx:xx:xx:xx:xx:xx, Dst: xx:xx:xx:xx:xx:xx > Internet Protocol, Src: yyy.yyy.yyy.yyy (yyy.yyy.yyy.yyy), Dst: > zzz.zzz.zzz.zzz (zzz.zzz.zzz.zzz) > Transmission Control Protocol, Src Port: 41770 (41770), Dst Port: icap > (1344), Seq: 1, Ack: 1, Len: 608 > Internet Content Adaptation Protocol > REQMOD icap://zzz.zzz.zzz.zzz:1344/icap ICAP/1.0\r\n > Host: zzz.zzz.zzz.zzz:1344\r\n > Date: Wed, 09 Apr 2008 14:23:48 GMT\r\n > Encapsulated: req-hdr=0, null-body=374\r\n > Preview: 0\r\n > Allow: 204\r\n > X-Client-IP: aaa.aaa.aaa.aaa\r\n > X-Authenticated-User: dGVzdA==\r\n > \r\n > GET http://www.google.it/ HTTP/1.1\r\n > Accept: */*\r\n > Accept-Language: it\r\n > UA-CPU: x86\r\n > Accept-Encoding: gzip, deflate\r\n > User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET > CLR 2.0.50727)\r\n > Host: www.google.it\r\n > Proxy-Connection: Keep-Alive\r\n > Cookie: PREF=ID=addad0d808abb98c:TM=1203945729:LM=1203945729:S=gzFdC17czTxX2ZL4\r\n > Proxy-Authorization: Basic dGVzdDp0ZXN0\r\n > \r\n > > I think that the expanded branch is ICAP header, isn't it? Yes, the top part is an ICAP the lower is the encapsulated HTTP header. The X-Authenticated-User header is in the ICAP header. The above ICAP and HTTP headers are from a non-Squid proxy, right? What confuses me is that earlier you said that Squid was sending: X-Authenticated-User: test\r\n yet I cannot find that header in Squid3 sources. Did you apply some patches to teach Squid to emit that header? Thank you, Alex.
