On Wed, 19 Jan 2005 23:17:58 +0100 (CET), Henrik Nordstrom <[EMAIL PROTECTED]> wrote: > On Mon, 17 Jan 2005, Scott wrote: > > > Sorry Henrik, should have elaborated a little... I have over 1000 customer > > sites.. that would be a little ugly to set up and very ugly to maintain. > > Not very, but a little yes. > > >> It must be another proxy (such as Squid) and it must support forwarding of > >> the user credentials to another proxy but with a modified username (which > >> Squid does btw.. see the login= cache_peer option). > > > > I'll take a look at this me thinks > > I am not sure you will find any which does what you want. > > Probably easier to modify Squid to your desires. If you use Basic > authentication then all you should need to modify is the decoding of the > authentication header to always add the client ip to the username. > > see src/auth/basic/auth_basic.c authenticateBasicDecodeAuth() >
Henrik / All, My company has actually subcontracted out this partcular task and we implemented the solution yesterday. (We needed to do username rewriting based on client source IP). The code writers have said that they are happy to release the patch to the community however there's a raft of red tape, intellectual property and management approval to be done before we can. Hopefully there won't be any objections and we can release the patch for possible inclusion in squid. Will keep the list posted. Regards David Brown > Regards > Henrik >
