Dear Henrik, I have just glanced through the documentation and I have one more doubt about reverse ssl. Is it to use the redirector to "redirect" the unauthenticate incoming http request to https for authentication and afterwards, use redirector again to "redirect" again to http. For example,
http://abc.abc.com -> https://abc.abc.com for authentication -> http://abc.abc.com/ (authenticated) Thx & Best Regards, Jonathan Chiu OLAPL OOCL Logistics (Hong Kong) Ltd. Unit 1, 4/F, Sun Hung Kai Centre 30 Harbour Road, Wanchai Hong Kong email: [EMAIL PROTECTED] Tel: 852. 2990-0174 Fax: 852. 2824-9017 -----Original Message----- From: JONATHAN CHIU (ISD-OLAPL/HKG) Sent: Friday, March 26, 2004 9:04 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: [squid-users] reverse ssl problem. Henrik, Many thx again for your clear direction. Thx & Best Regards, Jonathan Chiu OLAPL OOCL Logistics (Hong Kong) Ltd. Unit 1, 4/F, Sun Hung Kai Centre 30 Harbour Road, Wanchai Hong Kong email: [EMAIL PROTECTED] Tel: 852. 2990-0174 Fax: 852. 2824-9017 -----Original Message----- From: Henrik Nordstrom [mailto:[EMAIL PROTECTED] Sent: Thursday, March 25, 2004 4:11 PM To: JONATHAN CHIU (ISD-OLAPL/HKG) Cc: [EMAIL PROTECTED] Subject: RE: [squid-users] reverse ssl problem. On Thu, 25 Mar 2004 [EMAIL PROTECTED] wrote: > Dear Henrik, > > Many thx for your advise, what I would need to do is to setup SSL > authentication to protect user name / password when obtaining access > from intranet. After logging into squid thru https, browser client from > internet may change back to http (without 's') for continuing the web > surfing. (Some of the intranet application like video streaming with > mjepg does not working with https) No problem there. If you do not need https "on the inside" then Squid-2.5 is sufficient. Even authentication in accelerators/reverse proxies is possible in Squid-2.5 but requires a hidden define to be enabled. If you need https "on the inside" then Squid-3 or Squid-2.5 + ssl update is needed. In Squid-3 authentication for accelerators/reverseproxies works by default and no hidden define is needed. Regards Henrik IMPORTANT NOTICE Email from OOCL is confidential and may be legally privileged. If it is not intended for you, please delete it immediately unread. The internet cannot guarantee that this communication is free of viruses, interception or interference and anyone who communicates with us by email is taken to accept the risks in so doing. Without limitation, OOCL and its affiliates accept no liability whatsoever and howsoever arising in connection with the use of this email. Under no circumstances shall this email constitute a binding agreement to carry or for provision of carriage services by OOCL, which is subject to the availability of carrier's equipment and vessels and the terms and conditions of OOCL's standard bill of lading which is also available at http://www.oocl.com. IMPORTANT NOTICE Email from OOCL is confidential and may be legally privileged. If it is not intended for you, please delete it immediately unread. The internet cannot guarantee that this communication is free of viruses, interception or interference and anyone who communicates with us by email is taken to accept the risks in so doing. Without limitation, OOCL and its affiliates accept no liability whatsoever and howsoever arising in connection with the use of this email. Under no circumstances shall this email constitute a binding agreement to carry or for provision of carriage services by OOCL, which is subject to the availability of carrier's equipment and vessels and the terms and conditions of OOCL's standard bill of lading which is also available at http://www.oocl.com.
