I'm trying to set up a Delegate proxy on a subnet of my campus network,
which uses BlueCoat's transparent proxy technology with HTTP authentication
for outbound connections. When you try to connect to some external site, the
outbound proxy issues an HTTP 307 (Temporary redirect) response with
a Location header set to a virtual host that checks for authentication and
then connects to the requested site.
(sketch: [my subnet ----> my Delegate ----> transparent proxy with auth
So since this is transparent proxying, I told Delegate to simply relay HTTP
queries from my subnet, and used MYAUTH="user:pass:virtualdomain" to
authenticate to the virtual host that allows the request to traverse the
outbound proxy. My goal with this setting is only to bypass the HTTP
authentication needed by the transparent proxy, as it causes problems to
many applications that use HTTP connections in the background to retrieve
information from the web.
Trouble is, I can't figure out how Delegate handles the HTTP 307 reply that
is issued by the transparent outbound proxy prior to authentication: my TCP
listener indicates Delegate sends an RST-flagged TCP packet resetting the
connection, and the log indicates it tries to connect to
https://mydomain.com (instead of http://mydomain which was the initial
query). But it does not go to the (virtual) URL in the 307 response header.
I tried to unset the MYAUTH parameter incase it implied trying to connect
through SSL, but that didn't make any difference: Delegate still does not
connect to the 307 redirection URL.
Thanks in advance