Re: [squid-users] LDAP Passthrough Authentication

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Thu, 07 Jun 2007 15:05:47 +0200

tor 2007-06-07 klockan 08:46 -0400 skrev Justin Doles:

> Thanks for the pointers. I should have explained a bit more about
> what I'm attempting though. All of our users are stored in Novell's
> eDirectory. I can use LDAP to authenticate to that db. I've gotten
> that to work with Squid. I'm just trying to find a way to avoid the
> popup prompt for authentication. As far as I know, there isn't a way
> to do that with Squid. Correct? I could be wrong on that since I'm
> still new to this.

It's not a way to do that with the commony available browsers.

But if your client stations have ident servers, or you can install
something similar which can provide the identity of the currently logged
in user then it's fully possible to make Squid use this information.

> So if I can't pass the credentials like I can with NTLM, my other
> thought was to have them redirected to a login web page and then pass
> those credentials onto Squid. This way would be nice in that I could
> post the policies on that page as a reminder to the users. This
> sounds doable to me. But as I said above, I'm still new to Squid.

Doable. The information would in such case plug in to Squid via the
external acl interface, and requires a shared database of some kind to
store the session..

Regards
Henrik

Received on Thu Jun 07 2007 - 07:05:56 MDT

This archive was generated by hypermail pre-2.1.9 : Sun Jul 01 2007 - 12:00:04 MDT