From: Amos Jeffries >From: Henrik Nordstrom >>From: Vosloo, Jaco >>> I need to configure a transparent proxy to an upstream authenticating >>> proxy and I believe that Squid should be able to do this. I've been >>> searching the net for months now and would really appreciate any advice >>> or pointers. >> >> interception and authentication is mutually exclusive. >> >>> 2. The FAQ says authentication can not be run on a transparent proxy, >>> this is acceptable because I do not want to authenticate on the >>> transparent proxy, I want the transparent proxy to let the user >>> authenticate to the upstream proxy. >> >> Does not matter. What matters is that the browser isn't configured for >> using a proxy so it does not accept that the requested web server (as >> far as the browser knows, it's talking to the IP of the requested web >> server) suddenly requests proxy authentication. >> > He seems to be asking for a way to let Squid ignore the Proxy-Auth >headers and simply not strip any that go through if the BC does ask for >it. Semantic transparency et al. Thanks for the replies. Amos is correct, I'm trying to use squid as a truly transparent proxy, it should not add anything or take anything away except when the object is cacheable. The browser is configured to use the upstream proxy. I want the transparent proxy to be a MITM between the browser and the upstream proxy and cache whatever can be cached. This is why I am wondering if a reverse proxy in front of the upstream proxy might provide the solution? I have full control over the browsers as well as the internal DNS so I can change the DNS to point to whatever proxy I want. Current setup: Browser --Auth--> Proxy1 --> Web server New setup: Browser --Tunnel Auth--> ProxyMITM --Tunnel Auth--> Proxy1 --> Web Server Regards Jaco Vosloo To read WesBank's Disclaimer for this email click on the following address or copy into your Internet browser: https://www.wesbank.co.za/WesBankCoZa/about/legal/emaildisclaimer.jspx If you are unable to access the Disclaimer, send a blank e-mail to emaildisclaimer@xxxxxxxxxxxxx and we will send you a copy of the Disclaimer.
