On 15/05/19 12:09 pm, jmperrote wrote: > hello I need a help to know it is posible with squid to pass the > username autenticated on reverse proxy to the peer ? >
Firstly, please be aware that the username you may see in proxy logs is not required to be authenticated. In modern Squid it just has to be sent. > > The idea is that the webserver aplication can catch like POST method or > similar the username logued and autenticated on reverse proxy- > You can use the request_header_add directive to add custom headers with any information Squid has at the time those headers are generated for delivery to the upstream peer/server. <http://www.squid-cache.org/Doc/config/request_header_add/> But ... which username? " ul User name from authentication ue User name from external acl helper ui User name from ident un A user name. Expands to the first available name from the following list of information sources: - authenticated user name, like %ul - user name supplied by an external ACL, like %ue - SSL client name, like %us - ident user name, like %ui credentials Client credentials. The exact meaning depends on the authentication scheme: For Basic authentication, it is the password; for Digest, the realm sent by the client; for NTLM and Negotiate, the client challenge or client credentials prefixed with "YR " or "KK ". " Amos _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
