Search squid archive

Re: Headers control in Squid 3.0

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Oops. Ya - it's work's with Negotiate-NTLM-Basic sequence...
Strange - Firefox for Windows on Squid 2.7.6 don't work properly with that sequence. That why I begin experiments with headers control. Now all works right.
Thans for reply.

Amos Jeffries пишет:
> Oleg wrote:
>> Hi.
>>
>> Before Squid 3.0 I can change a Proxy-Authenticate header through duplet:
>>
>> header_access Proxy-Authenticate deny browserFirefox osLinux
>> header_replace Proxy-Authenticate Negotiate
>>
>> That because first authenticate method is NTLM for IE.
>>
>> After upgrade to Squid 3.0, header_access directive fork into
>> request_header_access and reply_header_access. Implicate in my case I
>> change directive header_access to reply_header_access. BUT! Now
>> directive header_replace works only with request_header_access and don't
>> change a Proxy-Authenticate headers.
>>
>> How to resolve this problem without downgrade to Squid 2.7.6? Or may be
>> bypass this another way?
>
>
>  From Squid-3, the proxy-authenticate headers are only relevant between
> browser and Squid. So always removed from client request before that
> request is passed to the web server.
>  The *_header_access only apply to headers which are passed though from
> browser/client to server.
>
>
> Why is auth method an issue at all?
>
> Configuring the auth methods in right order should make the browsers use
> either method they prefer.
>
> I'd test the capability in 3.0 and see if it works okay now, before
> attempting to re-create an old hack.
>
> FWIW, IE on Vista prefers Negotiate to work most efficiently.
>
>
> Amos

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux