W3C home > Mailing lists > Public > www-jigsaw@w3.org > March to April 1999

Re: Authentication on a proxy

From: Yves Lafon <ylafon@w3.org>
Date: Thu, 29 Apr 1999 19:11:51 +0200 (MET DST)
To: Buchs Christian <cbu@elca.ch>
cc: www-jigsaw@w3.org
Message-ID: <Pine.GSO.4.10.9904291905420.3485-100000@tarantula.inria.fr>
On Thu, 29 Apr 1999, Buchs Christian wrote:

> 
> With the following system:
> 
> one machine "A" is running Jigsaw as a mirror (MirrorFrame)
> to a second machine "B" acting as a proxy (with Jigsaw's ProxyFrame).
> 
> Users (browsers) connect to "A". Is there a way to authenticate them
> on "B"? (I have tried putting a GenericAuthFilter on the ProxyFrame,
> it doesn't work). Is it possible?

GenericAuthFilter on the ProxyFrame works, it will reply
Proxy-Authenticate instead of WWW-Authenticate (It allows you to go to a
protected site while protecting your proxy).
The main problem is that Proxy-Authenticate is a hop-by-hop header and it
will be removed by the first proxy (the mirror)
So you may to only ip authentication for the mirror and do the first
authentication on the mirror instead of the proxy (which will allow only
the mirror to talk)
Hope this helps,

      /\          - Yves Lafon - World Wide Web Consortium - 
  /\ /  \        Architecture Domain - Jigsaw Activity Leader
 /  \    \/\    
/    \   /  \   http://www.w3.org/People/Lafon - ylafon@w3.org    
Received on Thursday, 29 April 1999 13:15:18 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 9 April 2012 12:13:29 GMT