On Fri, 28 Oct 2005, Chin Kah Yi wrote:
> I see. but if it is transparent proxy via wccp, how would the IP based access
> control scheme work on bluecoat as bluecoat wouldn't be inline to do access
> control and depending on cisco router?
It is inline for HTTP traffic. The proxy can do whatever it likes with the
HTTP traffic.
What these schemes usually does is to redirect requests coming from an
address not known to the proxy to a local login page, where a successful
login registers the account for that IP and the user is then redirected
back to the page he originally requested.
There is also another possible scheme using a combination of this and
cookies. This provides per-user authentication but basically floods the
browser with new cookies.
Regards
Henrik
Received on Fri Oct 28 2005 - 05:14:43 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Nov 01 2005 - 12:00:05 MST