On 4/04/2016 12:46 a.m., Sreenath BH wrote: > Hi Amos, > > Thanks for the information. > We are not using any helpers in the first squid, no ICAP/rCAP as well. Aha. That will be the problem then. With no helper to make Squid aware that there is anything special about the WWW-Auth headers they will get dropped on arrival. Note that Authorization header going out from Squid to the origin is *Squid* login to the origin, not the clients. WWW-Auth is only passed through forward-proxy. > > I remember seeing that the copyHeaders function was actually copying > the Authorization header, but not sending it out. Since our servers > have been rebooted unfortunately I can not provide the log file > contents here. > > If I change login=PASS to login=PASSTHRU, will squid always send all > received headers upstream. Yes Squid will send the auth credentials from the client as its own. And send the origins challenge (if any) back to the client. > > Also you mention that if the upstream server "does not request login" > squid will not send Authentication headers. How does one make the > upstream ask for Basic authorization? That is software specific config, so I can't say specifically what you will need. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
