Hi Amos,

On 30/03/18 02:44, Amos Jeffries wrote:
So, the big question is why you have this setup of Apache being a
reverse-proxy for a Squid forward-proxy?

Forward-proxy are supposed to be between clients and reverse-proxies or
origins. Not the other way around.
This is a set up I inherited with not much being documented.
I think the purpose was to split the functionality as below:
- direct unauthenticated proxy for every day usage ("proxy")
- hopping through Apache which provides http authentication for sporadic testing use only ("aproxy")
What are you actually trying to achieve here?
The big picture is we need to test some code against various proxy scenarios (http, https, authenticated, unauthenticated).
ATM we only have http authentication.
I would imagine real live proxy setups use encrypted https for authentication more often than plain text http.
Am I correct with my assumption?

If that's the case then my goal is to get https authentication working as well. If there is no way I can easily get it to work with the existing config I guess I can set up a new Apache hop.
Authenticating over https only and called e.g. "bproxy".
Would that make most sense?

squid-users mailing list

Reply via email to