Re: Passing client ip address to authenticator

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Fri, 20 Aug 2004 13:42:26 +0200 (CEST)

On Fri, 20 Aug 2004, Evgeny Kotsuba wrote:

> The user already is identified (say at PPPoE) so there is no need for
> extra userid/password but still need be known to billing softaware . And
> this billing software can limit access on time/tfaffic etc. basis.

Why didn't you say so from start. This is not authentication, this is only
authorization. The user is already authenticated and Squid just needs to
be told how to use this already existing and verified authentication
credentials.

>> http://devel.squid-cache.org/old_projects.html#authinfo
>
> Good! Seems this is right what I need.

Not really if what you want is what you describe above.

The kind of authorization you describe above can easily be implemented
usin an external acl based on the client IP, returning the username
currently using that IP for logging and accounting purposes. See the
external_acl_type directive. You obviously need some method of querying
your authentication server on who the user behind the IP currently is but
this is your problem, not a Squid problem.

Regards
Henrik
Received on Fri Aug 20 2004 - 05:42:36 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Sep 01 2004 - 12:00:04 MDT