25 Jan
2012
25 Jan
'12
7:58 a.m.
I determined to my satisfaction that I could not have two layers (the proxy httpd and the "real" httpd) both doing http-layer auth, unless they were both using the same uname/passwd pair. In which case, it works fine, because apache simply passes the appropriate header straight on to the backend httpd. (Unless you tell it not to, of course.)
Which kind of excludes it being useful to my situation where the backend server may require different or no credentials... I've had a look at the squid logs and I think I can do what I want with a deny redirection and some creative acls. James