On 30/03/18 02:44, Amos Jeffries wrote:
So, the big question is why you have this setup of Apache being a
reverse-proxy for a Squid forward-proxy?
Forward-proxy are supposed to be between clients and reverse-proxies or
origins. Not the other way around.
This is a set up I inherited with not much being documented.
I think the purpose was to split the functionality as below:
- direct unauthenticated proxy for every day usage ("proxy")
- hopping through Apache which provides http authentication for sporadic
testing use only ("aproxy")
The big picture is we need to test some code against various proxy
scenarios (http, https, authenticated, unauthenticated).
What are you actually trying to achieve here?
ATM we only have http authentication.
I would imagine real live proxy setups use encrypted https for
authentication more often than plain text http.
Am I correct with my assumption?
If that's the case then my goal is to get https authentication working
If there is no way I can easily get it to work with the existing config
I guess I can set up a new Apache hop.
Authenticating over https only and called e.g. "bproxy".
Would that make most sense?
squid-users mailing list