I have a customer that uses a proxy server to authenticate users to an internet based system. In summary, it is installed in a DMZ as a reverse proxy accessing the customers service. The Service is built up using several VIP addresses over http. When an Internet user accesses the external URL they are presented with Proxy authentication against the directory server. Once authenticated they then further authenticate to the internal service. This is fine, however when the user accesses say the webmail link they are redirected to webmail1.xxx.net and are presented with a further Proxy authentication. In total there could be up to five proxy authentications if a user accessed all services(webmail, calendar, Instant messaging etc etc) within a session.
What the customer is looking for is a Proxy Server that can support session based authentication, so regardless of what address you are redirected to, you only authenticate once. Does Squid Support this type of model?????
Regards
steve
