On Fri, May 23, 2008 at 07:39:04AM +0800, Adrian Chadd wrote: > On Thu, May 22, 2008, Marc Haber wrote: > > > Nope, but you have to figure out how to get the browser to always present > > > the cookie, regardless of domain. > > > > Ah, ok, I _was_ naive for that. > > > > Some commercial stuff used to do cookie-insert for every domain that > was going through the proxy; I think it worked by inserting a cookie > with a special name that was then used as an authentication token. That could work, but why the trick with the special name? One could just set an "X-squid-ID:" to the identd value obtained from the client. > I have no idea if this'll work for CONNECT (I didn't think cookies were > thrown across the initial CONNECT session) CONNECT connections usually last a little bit longer, so I could probably live with a single identd request per CONNECT. > Besides, how many connections a second are you talking about? A modern > box can handle thousands a second. The box running the clients is an X host for 300 users using hogs like Mozilla and OpenOffice.org, so while it is surely possible to handle one ident request by http request, I have an intense dislike for that solution and would love to have a way to cut down on the number of ident requests that does not require users to explicitly log in to surf the web. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190
