[squid-users] ident lookups & squid

From: <richard.fuser@dont-contact.us>
Date: Sat, 4 May 2002 15:04:49 +1000

This email is to be read subject to the disclaimer below.

Hi Everyone,

Just quickly, squid rocks my world and is the best thing that ever
happpened to our proxys!!!!!!! we now have 8 running accross our entire
company and they hummmmmmm :)

One small issue I have is that I have an ident server running on all client
workstations that the squid machine make a request to and then compares it
to a text list of users.

At times the user is prompted for a password as it falls back to a ldap
authentication method if it does not get a response from a ident server on
the clients workstation, this seems to happen when a site is loaded that
has a lot of small pics and it seems the ident server is not keeping up.

1: Does anyone know of a good ident server for win32 that will run as a
service?

2: Is there anyway to make squid handle this and not prompt for a
username/password.

Here is the config lines I have.

ACL definitions

# this accepts a valid username/password from the allowed webusers
acl NDSAUTH proxy_auth "/usr/local/etc/WEBUSERS"

# identd "authentication"
acl WEBGROUP ident "/usr/local/etc/WEBUSERS"

ACLS

# try ident lookup and member of WEBUSERS
http_access allow WEBGROUP
# try matching agains LDAP username/password and member of WEBUSERS
http_access allow NDSAUTH
# And finally deny all other access to this proxy
http_access deny all

Thanks in advance.... keep up the good work..

Regards,
Richard Fuser
Firewall & UNIX Systems Administrator

--------------------
NOTICE - This communication contains information which is confidential and
the copyright of Ernst & Young or a third party.

If you are not the intended recipient of this communication please delete
and destroy all copies and telephone Ernst & Young on 1800 655 717
immediately. If you are the intended recipient of this communication you
should not copy, disclose or distribute this communication without the
authority of Ernst & Young.

Any views expressed in this Communication are those of the individual
sender, except where the sender specifically states them to be the views of
Ernst & Young.

Except as required at law, Ernst & Young does not represent, warrant and/or
guarantee that the integrity of this communication has been maintained nor
that the communication is free of errors, virus, interception or
interference.

Liability limited by the Accountants Scheme, approved under the
Professional Standards Act 1994 (NSW)
--------------------
Received on Fri May 03 2002 - 23:09:16 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:54 MST