I understand that transparent proxy cannot ask the browser for
Authentication because the browser is not aware of the existence of
the proxy.
I can't believe that there is not a work-around for this...
I have several laptops on my network which are used on other networks,
so I need the connection through the proxy to be "automagic" to the
extent that I don't need to ask my CEO to reconfigure his browser
everytime he comes into the office. But I also need to be able to
track web usage.
I have thought up a hack involving the following:
I can set up a file containing an ip address on each line /etc/squid/iplist.
Then I set up the squid.conf to have the following line:
acl authorisedip src "/etc/squid/iplist"
I changed the ERR_ACCESS_DENIED file to contain a form which calls a
perl program (catchip.pl) passing it a username and password which, if
correct, appends the user's ip to the /etc/squid/iplist file.
(removing the IP when the user closes his browser would be trickier).
However, this all falls down because it appears that the file is only
parsed on startup which sort of subverts it's usefulness.
I can't believe that this avenue has not been fully explored. Can
anyone comment on this hack?
Is there a simpler method of getting this done?
Received on Fri Feb 29 2008 - 07:41:57 MST
This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:06 MST