Bug 3025: Proxy-Authenticate problem using ICAP server

diff --git a/src/client_side_reply.cc b/src/client_side_reply.cc
index 6b25ea1a76cb213d5570b87a12ca88f980ad8de5..b89bf8e9b4ad5118bc794f9a392d52d57177bdff 100644 (file)
--- a/src/client_side_reply.cc
+++ b/src/client_side_reply.cc
@@ -1359,8 +1359,14 @@ clientReplyContext::buildReplyHeader()
 
     // if there is not configured a peer proxy with login=PASS or login=PASSTHRU option enabled
     // remove the Proxy-Authenticate header
-    if ( !request->peer_login || (strcmp(request->peer_login,"PASS") != 0 && strcmp(request->peer_login,"PASSTHRU") != 0))
-        reply->header.delById(Http::HdrType::PROXY_AUTHENTICATE);
+    if ( !request->peer_login || (strcmp(request->peer_login,"PASS") != 0 && strcmp(request->peer_login,"PASSTHRU") != 0)) {
+#if USE_ADAPTATION
+        // but allow adaptation services to authenticate clients
+        // via request satisfaction
+        if (!http->requestSatisfactionMode())
+#endif
+            reply->header.delById(Http::HdrType::PROXY_AUTHENTICATE);
+    }
 
     reply->header.removeHopByHopEntries();
 

diff --git a/src/client_side_request.h b/src/client_side_request.h
index c037cf867ac64502e34037342ee36c2304caec1a..639d71f59be0beb9bb92fc0b68a0bf42c04e4c3f 100644 (file)
--- a/src/client_side_request.h
+++ b/src/client_side_request.h
@@ -148,6 +148,7 @@ public:
 
 public:
     void startAdaptation(const Adaptation::ServiceGroupPointer &g);
+    bool requestSatisfactionMode() const { return request_satisfaction_mode; }
 
 private:
     /// Handles an adaptation client request failure.