[1899] in WWW Security List Archive
Re: Proxy Authentication
daemon@ATHENA.MIT.EDU (Bret Gorsline)
Wed Apr 24 11:10:51 1996
To: etdrc@public.bta.net.cn
Cc: bretg@cc.bellcore.com, www-security@ns2.rutgers.edu
In-Reply-To: Your message of "Wed, 24 Apr 1996 14:07:36 +0800."
<199604240607.OAA14826@public.bta.net.cn>
Date: Wed, 24 Apr 1996 08:22:54 -0400
From: Bret Gorsline <bretg@ctt.bellcore.com>
Errors-To: owner-www-security@ns2.rutgers.edu
"etdrc@public.bta.net.cn" writes:
> Here is problem for you:
> I have a Netscape proxy server in our LAN.I browse information of
> many servers via Netscape proxy server.When I redirect from one information
> server to another, the Netsape proxy server don't prompt me to enter
> name/passwd again.But if I use CERN http server as my proxy server, it will
> ask my name/passwd every time when I redirect from one server to
> another.Could you tell me how Netscape proxy server solve this problem?
I've never used the CERN proxy, and I'm far from an
expert on proxies, but since you've asked twice, I guess
I'll take a stab.
I do know that you'll be asked for name/passwd
again whenever your browser makes a request to
a new machine/port/realm combination.
The Netscape proxy is basically a server that has a client
stuck to it. When you make a request to it, it becomes a
client, gets the page, and sends it back to you. Your browser
never even realizes that another machine was the true
source of the data.
This tells me one of two things:
1) the CERN proxy just does HTTP redirects
instead of "true" proxying. I find this hard
to believe, as a major value of a proxy is
in the caching that can be done if it sees the data.
2) Your scenario is somehow different for
the two servers.
Could someone who's used the CERN proxy comment
on this situation? I optimistically expect that it does the
"right" thing.
Failing that, you're going to have to provide more info.
Tell us the exact scenario you're attempting, including
client machines, server machines, server ports, authentication
realms, and URLs. If you don't want to share your real
data, make up an analogy.
Bret
----------------------------------------------------
bretg@cc.bellcore.com Bellcore - Software Engineer
----------------------------------------------------
