On 20/03/2017 7:49 p.m., Serhat Koroglu wrote: > Sorry for late reply. > > I have find a suitable solution for validation through a http web > service. Here tells developing custom helper even using php: > http://freesoftwaremagazine.com/articles/authentication_with_squid/ > That's nice. > > > Then I know there is authentication with oauth2 for squid-server. > But you may be know, in oauth2 authentication, you must authorize the > app using user's credentials e.g. facebook username and password. > When this oauth2 method is used, your app must redirect to the oauth2 > service to authorize your app. > > > You may had used many web sites like that with facebook login. So my > question is how may squid server do this redirect and authorization > process using a third party oauth2 service? Squid asks username and > password with web browser popup. Is there any example to this? No this is abolutely *not* how Squid asks for authentication. Squid "asks" telling the client that authentication credentials are needed and listing the schemes that it will accept credentials for. *Some* clients (eg Browsers) decide all on their own to use a popup to annoy the user if they cannot supply any of those credential types automatically. How they try to get them (or not) is way outside and irrelevant to Squid. For OAuth2 Squid just needs to support the Bearer authentication scheme, and a helper to verify the credentials token which the client/browser sends back. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users