Andres Salazar wrote:
> Hello,
>
> Squid user based authentication is a high advantage to placing access
> lists. Iam however forced to place squid as a transparent proxy but I
> need some kind of authentication for users passed to squid to manage
> the ACLs (specific allow lists, reply body size, etc) .
>
> Is there _any_ work arround (even if it is complex) that I can
> authenticate users with a transparent proxy? Perhaps with a captive
> portal that displays a single login page until authenticated and then
> somehow passing that authentication to squid so it gives them the
> allowed access?
Best way is to use WPAD/PAC to 'transparently' and automatically
configure the browser.
http://wiki.squid-cache.org/SquidFaq/ConfiguringBrowsers
Second best is to add to the above a captive portal page which instructs
users how to configure their browser for the proxy.
After that, the complex way of side-band identification using an
external_acl_type helper which returns "OK user=XX" when an identifiable
machine is matched against a database of logged in users vs machines.
Amos
-- Please be using Current Stable Squid 2.7.STABLE7 or 3.0.STABLE19 Current Beta Squid 3.1.0.14Received on Tue Oct 20 2009 - 10:36:12 MDT
This archive was generated by hypermail 2.2.0 : Tue Oct 20 2009 - 12:00:03 MDT