Graham Leggett wrote:
GL> S�bastien Bonnegent wrote:
GL>
GL> > Not necessarily, because I can detect in the proxy module when the server
GL> > responds with a 401 (need authentification) and in this case, I re-send
GL> > a request with a authentification field if the user is already authentified
GL> > on the proxy. And this, without any browser's cooperation.
GL>
GL> In that case I've lost you - can you explain again what you are trying
GL> to achieve? I understood that you were trying to force a transparent
GL> proxy to authenticate users through it, I don't see how the end server
GL> should get involved in any of this...?
The server doesn't see that there is a proxy, the schema is as follow:
---------------------------------------------------------------
| User -------------------- Proxy ------------------- Server |
---------------------------------------------------------------
Get an URL ----> do nothing ----> Need auth
so
<----(401)
If User is known
then
give user
auth header (auth)--->
else
<----(401)
user provides
authentification
(auth)----> catch the authentification header
and store it somewhere (auth)---->
(401) means "need authentification", a 401 request
(auth) means that the request contains an authentification header
Is it more clear ?
Best regards,
se� - sinad
--
GPG uid: 0xCB92591D ICQ: 60143970
LINUX - because life is too short to reboot !
-- Fortune:
Someone is speaking well of you.
How unusual!
msg11448/pgp00000.pgp
Description: PGP signature
