On Sun, 26 Oct 2003, Ilya wrote: > If i want to realize such scheme, i need to have some way to > get a client`s IP address. > Is it possible to change the scheme of basic authenticaion? > So, for example, i want to get "username IPaddress" instead > of "username password" from stdin.
I said out-of-band authentication. This means YOU must find some method whereby you can learn who the username per IP address is. HTTP can not give you this information automatically. Once you have found such method, the external_acl hooks of Squid can be used to make Squid query your system who the username is on that IP. alternatively you can use the already existing out-of-band ident identification method. This just requires you to install ident servers on all clients. If you want to use in-band HTTP authentication then you need to use the authentication schemes as is, which means the user providing a login + password to his browser so the browser can authenticate to Squid. Regards Henrik
