Hi, The application has already been designed and implemented and I have moved to this project recently. Hence redesigning the application now is unlikely. Also, the video player applications (the ones we have) do not send headers for authentication. They assume unauthenticated data is being sent. Is there a way for me to invoke some custom code for every request that Squid receives? That script would do the following: 1. Extract part of the URL(the token) and look up in a database to see if it is valid. If valid, proceed to lookup cached object, other wise go to back-end fetch, etc. 2. If the token is not found in database, return with an error, so that Squid can send back a not found type (some HTTP error) of response. thanks, Sreenath On 7/11/2015 1:33 a.m., Sreenath BH wrote: > Hi > I am very new to Squid, and think have a strange requirement. > We want to serve cached content only if the client has been > authenticated before. > Since we don't expect the client software to send any information in > headers, we embed a token in the URL that we present to the user. > Um, you know how sending username and password in plain-text Basic auth headers is supposed to be the worst form of security around? It's not quite. Sending credentials in the URL is worse. Even if its just an encoded token. Why are you avoiding actual HTTP authentication? Why be so actively hostile to every other cache in existence? > So when the client s/w uses this URL, we want to extract the token > from URL and do a small database query to ensure that the token is > valid. > > This is in accelerator mode. > Is it possible to use something similar to basic_fake_auth and put my > code there that does some database query? The "basic_..._auth" parts of that helpers name mean that it performs HTTP Basic authentication. The "fake" part means that it does not perform any kind of validation. All of the text above has been describing how you want to perform actions which are the direct opposite of everything basic_fake_auth does. > If the query fails, we don't return the cached content? What do you want to be delivered instead? Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users