Article delegate-en/1014 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]

Newsgroups: mail-lists.delegate-en

[DeleGate-En]
08 Feb 2001 05:54:41 GMT KURY <p6ybqbdyi-qjyh54mnzoxr.ml@ml.delegate.org>


Hello Delegate Users,

I am actively using squid for last 4 years. As far as my work is concerned, I
am trying to achieve the following with DeleGate:

1. Authenticate all users htpasswd style user:pass (ncsa_auth in squid)
2. Do URL rewriting with delegate so our users can use
http://mydelegate.com/http:www.yahoo.com

Now, the first one works by specifying HTTP as AUTHORIZER.
However, there are some issues. DeleGate is looking for some file names which
do not exist in the web space even after successfully logging in to the site
with 200 HTTP response. I had to add few lines to it (for my own use) so 404
would be accepted as success as well. The user without authentication would
be
getting 401 so they cannot get 'file not found' in the first place. So, 404
serves the purpose there. I thought you might want to modify the source so
that delegate does not try looking for a file after logging in to the web
server. Also, this is not very much efficient since delegate tries to log in
to the web server with each URL request and it makes delegate dependant on
the
web server. I have seen many users are asking the same thing. Wouldn't it be
possible to adapt ncsa_auth to delegate and authenticate against a
local file as well and cache the results for a certain amount of time instead
of asking it in every request?

When DeleGate is used with HTTP authorizer, I am unable to access any web
sites that
require .htaccess user authentication. I have tried authgens to no avail.
What
is the correct format?

How can we disable ident lookups altogether in DeleGate? When used with HTTP
auth, DeleGate is doing ident lookups and sometimes blocking even though my
ident timeout is 1 second. None of my users have identd installed on their
machines.

How would it be possible to replace <ISINDEX> tags with <FORM> tags in
nonCERNproxy.dhtml? Where do we have to post and how do we have to post? 

DeleGate is also not rewriting URLs correctly on domains on the same machine
and is not interpreting javascript correctly on external web servers. I have
tried all URICONV options to no avail (URICONV=full:+ fixes the problem for
URLs on the same server though). For example, if you go to www.microsoft.com,
you can see that the links on ABOUT MICROSOFT section on the top bar are not
rewritten properly to include www.microsoft.com . Any ideas how to specify
correct configuration?

Here is one of my configurations:

RESOLV=sys
ADMIN="adm@localhost"
CACHE=no
TIMEOUT=dns:30,acc:20,con:20,lin:20,ident:1
DELAY=reject:1,unknown:1
-P127.0.0.1:8888
RELAY=delegate
PERMIT="*:*:*"
MOUNT="/* *"
#AUTHORIZER="localhost:*:*:*" 
#AUTH=origin:auth
#PERMIT="*:*:*@localhost"
#AUTH="authgen:basic:%U:%P"

When I want to use authorization part, I am uncommenting AUTHORIZER, AUTH and
PERMIT parts and removing all access PERMIT line above.

I am at a loss as nothing works as expected.

My internet connection is through our corporate proxy (over which I have no
control) and I want to be able to allow my dialup, laptop or other users to
access the net without the restrictions of our corporate proxy. The users
must
be authenticated with a username and password and must be able to specify
http://mydelegate.com/http://www.yahoo.com in the Location field of their
browsers since they cannot change the proxy settings in their browsers. HTTP
is the only required protocol at this stage. If you can guide me to a working
setup, I would be forever grateful. I am using 7.0.0 but
the outcome is the same on 6.1.22 as well. Also note that, I am asking you
this after going through DeleGate manual 4-5 times, reading the mailing list
archives and trying every possible configuration imaginable. Just don't think
that I have not done my homework ;)

Thank you very much in advance for your time.

Kury Dartanyan



____________________________________________________________________
Get free email and a permanent address at http://www.netaddress.com/?N=1

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V