> I have a query related to the option Login=PASS in cache-peer. The
> documentation mentions the following.
> login=PASS Send login details received from client to this peer.
> Authentication is not required by this option.
> *If there are no client-provided authentication headers
> to pass on, but username and password are available
> from an external ACL user= and password= result tags
> they may be sent instead.*
> I want to understand what do they exactly mean by the text given *bold*?
> Where and how can the user and password be given as acls.
> Can some one please shed some light with possible example?
The usual purpose of external-ACL helper (external_acl_type) is to do
authorization (allowed/denied) checks (*not* authentication!!).
But it can also do out-of-band processing on what it gets given (eg
Cookie header, or WWW-Auth* header with custom scheme type, or IP and
IDENT values) and send back a response like "OK user=blah password=hello".
If there is no authenticated HTTP-auth login credentials for the request
these external-ACL provided credentials may be used to fulfill the
login=PASS requirement of delivering a Basic authentication header to