Hello, I'd like to share Basic auth helper I made for Squid: https://github.com/SenseUnit/basic_hmac_auth This helper enables Squid basic authentication with HMAC-signatures passed as a password. Such scheme is useful in scenarios where proxy credentials are provisioned by some central authority (e.g. webservice). This way proxy client obtains a login and password pair from that authority and proxy can validate it without ever contacting authority to check credentials status. Compared to classical approaches with network request made by other helpers, this approach has following benefits: - No surge of validation requests whencredentials cache was emptied. - No added latency to validate credentials. - No issues with credentials cache coherence across different workers/instances of Squid server, it's the client who will contact authority and just once per credentials update. - Some degree of autonomy - proxy will continue to serve when auth backend is not available until credentials expire. Hope some may also find it useful. Feedback is welcome! -- Best regards, Vladislav Yarmak _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx https://lists.squid-cache.org/listinfo/squid-users
