Hi, all -- we have a situation where we would benefit (or are at least
exploring) turning on authentication in Squid. But we have several apps that
use HTTP (REST, basically) for their communication, and don't have built-in
support for basic auth, Kerberos, etc.
So, a basic question. Is anyone aware of any approaches to leveraging proxy
authentication with custom-coded applications in such situations? Are there
any auth methods that can be configured to work from Windows clients
"automagically", via built-in support at the network stack level, invisibly or
independent of the custom application issuing the HTTP calls that are being
proxied? Or, alternatively, are there "wrapper" approaches that can be used to
enable proxy authentication for the apps?
The client and server environments are both Windows, btw. And we have
flexibility to run Squid on the client as well as the servers, if it makes
approaches possible (this indirectly relates to the chains a month ago about
using Squid on both a client and server to create a poor-man's SSL VPN - which
we ended up not doing, because of the instability of the SSL support in the
Squid install from Acme, unfortunately, we instead leveraged Squid only on the
server, and are sending proxy calls through Stunnel).
This might sound like an arcane situation (or maybe not, not sure) - but we're
forced to secure 3rd party applications for which we aren't allowed to touch
the code <sigh>.
Tia!
----
David G. Bucci
Chuck Norris can kick through all 6 degrees of separation,
hitting anyone, anywhere, in the face, at any time.
-- ChuckNorrisFacts.com
