austijc wrote:
I'm trying to have squid add an authorization header when a user accesses a
particular URL pattern. Here's the situation;
Internal users access the Internet through squid and authenticate to an LDAP
server.
We have a partner site we'd like to give access to these users but local
users do not have individual accounts on that server. Instead the partner
provides a single login for all our users.
So, I'd like to automatically add that single login information to the
request when the local users access the URL pattern. That allows them to
login to the proxy once and then access the partner site without having to
login again or even know the login/password of that site.
Does squid support anything like that? I've been digging through the manual
but haven't found anything.
Have a look at cache_peer.
Something like...
cache_peer partner.example.com parent 80 0 no-query originserver
login=account:password
acl partner dstdomain .partner.example.com
cache_peer_access partner.example.com allow partner
cache_peer_access partner.example.com deny all
...should (if I have my directives correct) pass requests for any
subdomain for partner.example.com (inclusive of partner.example.com
itself) to partner.example.com AND supply HTTP authorization credentials
of "account" and "password".
Can the request be modified by an external program?
Chris
