On 3/07/2013 9:39 a.m., Alex Rousskov wrote:
On 07/02/2013 03:00 PM, Amos Jeffries wrote:
On 3/07/2013 1:26 a.m., Alex Rousskov wrote:
On 07/02/2013 02:34 AM, Amos Jeffries wrote:
On 2/07/2013 6:33 p.m., Blason wrote:
I know squid support X-Forwarded-For but keen to know if I can use
X-Forwarded-User so that user authenticated with Proxy can have
filtering
done on other Application Control box placed in front of Proxy. And
Proxy can only be used for caching functionality
No.
I have not tested it, but is not X-Forwarded-User supported via
request_header_add with an appropriate logformat macro in the value?
Only for sending. The question was about support for receiving and
interpreting.
I probably interpreted "in front" the wrong way, sorry. Well, Squid can
certainly receive that header and a Squid helper or adapter can
interpret it, even providing authentication-like capability if needed.
Please note that I am not trying to defend the use of that header for
anything, just indicating that some related functionality is available
even though Squid itself does not treat X-Forwarded-User specially.
Whereas like I initially said a frontend which can add headers is far
better off adding Proxy-Authorization with the relevant details. Squid
will then support it properly and help detect any dangerous collisions
with the two headers.
Amos
