I'm using squid/3.1.3.
It is configured with a cache-peer thus:
cache_peer myproxy parent 8081 0 default no-query no-digest no-netdb-exchange login=PASS
'myproxy' is not squid. It is NTLM-capable.
The NTLM log-in process works OK, but it looks as if squid is not maintaining separation between
sessions (what I think used to be called "connection pinning"). In other words, if two users log in
from two separate browsers, upstream connections are shared across the two sessions (especially if
the same site is being visited).
I tried adding connection-auth=on to both the cache-peer line and the http_port line (although squid
3.1 docs say that this is on by default).
I also tried sending a 'Proxy-support: Session-Based-Authentication' header from myproxy.
Upstream connections were still being shared.
Is there anything else I should set in the configuration?
Is this a bug?
--
Jeff Silver
Protected by Websense Hosted Email Security -- www.websense.com