On 2014-07-06 17:40, Vinay C wrote:
Thank you Amos.
Agree to your comments.
I have another query:
How can we categorize proxies (forward proxies) with regard to a
client which wants to traverse through it to get it connected to a
webserver. Like Firewall based proxies (Example Squid, TMG etc),
Browser based proxies, two layer proxies, anything else?
Squid is not a firewall based proxy. It is an HTTP proxy.
Never heard of anything that could be called "browser based proxies"
before.
FWIW, HTTP specification defines the types of intermediary by the role
they play in http://tools.ietf.org/html/rfc7230#section-2.3 :
proxy (aka forward-proxy), gateway (aka reverse-proxy), tunnel, and
"interception proxy".
Squid can be all of the above depending on the specific configuration.
I can understand that if a client can traverse Squid it can work with
any firewall based proxies. What are other such categorization I
should keep in mind or test for? (I am struggling to get a good
documentation hence not sure if I have framed the question in right
way).
Like I said earlier HTTP authentication works the same way with all
intermediaries.
* forward-proxy authenticates with proxy-auth headers,
* gateway/server/reverse-proxy authenticates with www-auth headers,
* tunnel and interception proxy cannot authenticate, ever.
All the hacks and workarounds for authentication are due to different
*client* behaviour disobeying HTTP. If your client software obeys HTTP
specification properly it should have no troubles.
HTH
Amos