RE: Lock down WWW Access

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I think you should use squid together with Samba, so squid will ask the
Samba authentication helper with user authentication questions and that
helper will verify user's credentials and return the result to squid.
See the description of this configuration at:
 http://www.squid-cache.org/Doc/FAQ/FAQ-23.html#ss23.5

Alexey Fadyushin
Brainbench MVP for Linux
http://www.brainbench.com

> -----Original Message-----
> From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-
> bounces@xxxxxxxxxx] On Behalf Of Bliss, Aaron
> Sent: Monday, February 27, 2006 3:57 AM
> To: Paul Dwerryhouse; redhat-list@xxxxxxxxxx
> Subject: RE: Lock down WWW Access
> 
> Does anyone know if I can use pass thru authentication with squid?
I'm
> running AD on the windows side of the house, and would like it so that
> my users wouldn't have to manually enter their AD credentials when
> browsing the web.  Thanks for your help.
> 
> Aaron
> 
> -----Original Message-----
> From: redhat-list-bounces@xxxxxxxxxx
> [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Paul Dwerryhouse
> Sent: Sunday, February 26, 2006 7:54 PM
> To: redhat-list@xxxxxxxxxx
> Subject: Re: Lock down WWW Access
> 
> On Fri, Feb 24, 2006 at 04:52:00PM -0800, Job Cacka wrote:
> >  2. Have the option to allow or deny WWW access per login. Without
> > restricing local browser functionality.
> 
> Force your users to use a squid proxy server that requires
> authentication the first time that they access websites outside your
> local network. Then, there's a number of ways you could deny access to
> specific users.
> 
> Given that I tend to use LDAP for authentication, I'd probably use an
> LDAP-filter based method to allow users in. Alternatively, a quick
look
> at squid's config file suggests that acls can be used to allow or deny
> users based on login name.
> 
> Cheers,
> 
> Paul
> 
> 
> --
> Paul Dwerryhouse				| PGP Key ID: 0x6B91B584
>
========================================================================
> Building Java RPMS for Redhat Enterprise Linux:
> http://nepotismia.com/redhat/java/
> 
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
> 
> 
> 
> www.preferredcare.org
> "An Outstanding Member Experience," Preferred Care HMO Plans -- J. D.
> Power and Associates
> 
> Confidentiality Notice:
> The information contained in this electronic message is intended for
the
> exclusive use of the individual or entity named above and may contain
> privileged or confidential information.  If the reader of this message
is
> not the intended recipient or the employee or agent responsible to
deliver
> it to the intended recipient, you are hereby notified that
dissemination,
> distribution or copying of this information is prohibited.  If you
have
> received this communication in error, please notify the sender
immediately
> by telephone and destroy the copies you received.
> 
> 
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux