Hi,
>From my understanding of mod_cache, proxy authentication (header Proxy-Authenticate) is not asked when serving cached content in a forward proxy configuration: mod_cache operates on the quick_handler hook whereas authentication operates later in the request process. I have tried it on a real case as well: <Proxy *> AuthType Basic ... Require valid-user </Proxy> Content not available in cache goes through the authentication, but not the cached one. As a result, a user does not need to be authenticated to access a cached result. So, here we are: - Am I wrong? - Is it a normal behavior? - If not: is it addressed by someone? - If not: what about I do it: is checking user information in the quick handler hook before mod_cache (in case it fails, we send 407, Proxy-Authenticate, return OK) a good solution? Thanks Laurent
