On Wed, 24 Sep 2003, Wilshire, Andrew wrote: > When I look inside access.log on the PARENT (2nd tier) cache of the > first-tier cache I see > > 1064290276.165 4844 eee.fff.ggg.hhh TCP_MISS/200 10100 GET > http://www.nzherald.co.nz/pics/ACFNAA.Taimy.JPG - > FIRST_UP_PARENT/3rdtiercache.fqdn.co.nz image/jpeg > > What I need to accomplish is to get the domain/username passed through to > the PARENT cache so that I may use a filtering product on our 2nd tier > proxy.
Then you need to set up a system where "faked" logins are used to the 2nd tier proxy. You can set up the first proxy to log in with the same username but a static password. See the login= cache_peer option. This also requires reconfiguring the parent proxy to require basic authentication and know about the static password assigned to the first proxy. > Do I need to recompile Squid on the 2nd tier cache with ntlm_auth support? Won't help. You can't proxy ntlm_auth due to the nature of NTLM. Regards Henrik
