Mark Wallis wrote: > The problem occurs when the application on the web server wants Basic > authentication also. It looks like the 401 code for authorisation makes it > back to the user okay with the different Realm but when the user sends their > details back Squid picks them up thinking they belong to it's authentication > ....... it doesn't just pass them through to the web server. Hence since the > second authentication is a different user/pass to the first Squid fails the > authentication and denies the access.
There can only be one level of authentication in HTTP. If both the Squid accelerator and the backend web server requires authentication then the login must be identical on both, and Squid must be configured to pass the login information back to the web server (see the cache_peer options). Regards Henrik
