hi group.

i have running apache as server for a paysite. as i posted earlier in
this group, in front of apache there is squid running as accelerator
(yeah, this works).

to keep users from sharing their passwords, i want to have a script that
monitors logins with correspoding ip's and locks accounts out, if they
reach a given simoultanous login count. all these scripts utilize the
users http request/header and the apache rewrite engine to get the
information in question. now to my question.

since all requests to apache come from squid running on the same
machine, all requests come from the same source ip. thus, the
information is useless to the password protection script. can i get
squid to pass parts of the original userheader through to the apache
daemon as it would be if the request goes to apache directly?

i hope the description is clear enough, all ideas are welcome.

thanks for your help