Hi! I am rather new to squid and I hope my question is fine here. We have a single sign on service in our company, which essentially sets a custom header after authentication. Now, we would like to use this header for squid authentication too. So, a request which has a valid ssoheader should be considered authenticated and allowed to access the internet. A user without such a header(or an invalid one) should be redirected to the login page. I understand from documentation, that I have to implement a custom auth module, which checks the credentials, but it says also (http://wiki.squid-cache.org/SquidFaq/ProxyAuthentication) that the /Authorization/ request header is given to this module. And if the header is not present, 407 is sent. To condense my question: Is it possible to specify which header information is given to the auth module? And to specify that no 407 but a redirect is sent? Another thing that bothers me are SSL requests. What happens when the proxy encounters a request for a https site? Can it access the cookie anyway? Thanks, Christoph
