On 20/03/2017 9:27 p.m., Eliezer Croitoru wrote: > Hey Serhat, > > The right way to support OAUTH2 or any similar idea would be using an ICAP > service or ECAP module(to my knowledge). Sigh. Another perfect example of how giving us incorrect information results in bad answers. OAuth2 is an actual standard authentication scheme with defined HTTP features, not "a custom XML Web Service or HTTP REST API" which Serhat was asking for earlier. The proper way to implement OAuth2 is with the Bearer authentication scheme. I did that implementation years ago right after Oauth2 Bearer was standardized, but it did not get merged because nobody was using it with proxies at the time and the final polish was going to be hard. The patch (for an early 3.5) can be found at <http://www.squid-cache.org/mail-archive/squid-dev/201407/0147.html> and <http://wiki.squid-cache.org/Features/BearerAuthentication> the documentation for using it in a patched squid. If you want to sponsor the work Serhat I would be happy to update it to current releases. HTH Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users