- From: Patrick R. McManus <mcmanus@ducksong.com>
- Date: Thu, 23 Oct 2003 10:36:18 -0400
- To: Rob Maidment <rob.maidment@clearswift.com>
- Cc: "'ietf-http-wg@w3.org'" <ietf-http-wg@w3.org>
[Rob Maidment: Oct 23 15:31] > > I am currently investigating a problem that occurs in this type of scenario: > > browser -> proxy1 -> proxy2 -> server > > Proxy1 is actually a Squid proxy, it is passing though the end-user > authentication to proxy2. The problem occurs because proxy1 is reusing > connections to proxy2 for requests from different users, but proxy2 is only > authenticating the first request on each new connection. This means that > subsequent requests are not being authenticated, and these requests are > being treated as if they originated from the first user to use the > connection. > > Which proxy is at fault? I understood that one of the intended benefits of > persistent connections was that a proxy would only have to authenticate the > first request on each connection, which is a huge performance benefit. proxy2 is at fauilt. HTTP transactions are stateless.
Received on Thursday, 23 October 2003 10:36:02 UTC