On Thu, 2008-04-10 at 16:38 +0200, Davide Meloni wrote:
> On Thu, Apr 10, 2008 at 3:51 PM, Alex Rousskov
> <[EMAIL PROTECTED]> wrote:
>
> > However, if the X-Authenticated-User header is in the HTTP message, then
> > the patch you found is irrelevant as it only affects the ICAP headers.
> > Please double check and we will go from there.
>
>
> Alex,
> I suppose that the 'X-Authenticated-User' value are in the header.
> Here the packet sniffed:
>
> Frame 14 (674 bytes on wire, 674 bytes captured)
> Ethernet II, Src: xx:xx:xx:xx:xx:xx, Dst: xx:xx:xx:xx:xx:xx
> Internet Protocol, Src: yyy.yyy.yyy.yyy (yyy.yyy.yyy.yyy), Dst:
> zzz.zzz.zzz.zzz (zzz.zzz.zzz.zzz)
> Transmission Control Protocol, Src Port: 41770 (41770), Dst Port: icap
> (1344), Seq: 1, Ack: 1, Len: 608
> Internet Content Adaptation Protocol
> REQMOD icap://zzz.zzz.zzz.zzz:1344/icap ICAP/1.0\r\n
> Host: zzz.zzz.zzz.zzz:1344\r\n
> Date: Wed, 09 Apr 2008 14:23:48 GMT\r\n
> Encapsulated: req-hdr=0, null-body=374\r\n
> Preview: 0\r\n
> Allow: 204\r\n
> X-Client-IP: aaa.aaa.aaa.aaa\r\n
> X-Authenticated-User: dGVzdA==\r\n
> \r\n
> GET http://www.google.it/ HTTP/1.1\r\n
> Accept: */*\r\n
> Accept-Language: it\r\n
> UA-CPU: x86\r\n
> Accept-Encoding: gzip, deflate\r\n
> User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET
> CLR 2.0.50727)\r\n
> Host: www.google.it\r\n
> Proxy-Connection: Keep-Alive\r\n
> Cookie:
> PREF=ID=addad0d808abb98c:TM=1203945729:LM=1203945729:S=gzFdC17czTxX2ZL4\r\n
> Proxy-Authorization: Basic dGVzdDp0ZXN0\r\n
> \r\n
>
> I think that the expanded branch is ICAP header, isn't it?
Yes, the top part is an ICAP the lower is the encapsulated HTTP header.
The X-Authenticated-User header is in the ICAP header.
The above ICAP and HTTP headers are from a non-Squid proxy, right? What
confuses me is that earlier you said that Squid was sending:
X-Authenticated-User: test\r\n
yet I cannot find that header in Squid3 sources. Did you apply some
patches to teach Squid to emit that header?
Thank you,
Alex.
