Search squid archive

Re: [squid-users] squid_ldap_group - url access restrictions based on group

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



# Define external authentication acl
external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -B
ou=people,dc=yourcompany,ou=com -b ou=Group,dc=yourcompany,dc=com -f
(&(cn=%g)(memberUid=%u))" -h ldap.yourcompany.com

# Define the group
acl somegroup external ldap_group group_you_need_to_be_member_of

# Some URL
acl someurl url_regex ^http://foo.bar.baz/bam$

# deny the group access to the url
http_access deny somegroup someurl

Thien


On 4/18/05, D & E Radel <radel@xxxxxxxxxxx> wrote:
> 
> ----- Original Message -----
> From: "D & E Radel" <radel@xxxxxxxxxxx>
> To: "Henrik Nordstrom" <hno@xxxxxxxxxxxxxxx>
> Cc: <squid-users@xxxxxxxxxxxxxxx>
> Sent: Tuesday, April 19, 2005 10:39 AM
> Subject: [squid-users] squid_ldap_group - url access restrictions based on
> group
> 
> >>> We are trying to allow block access to certain sites to a certain group,
> >>> but not another group. Am I too ambitious? ;-)
> >>
> >> Pretty standard thing for using squid_ldap_group.
> >>
> >> Regards
> >> Henrik
> >
> > Hi Henrik,
> >
> > Note: changed the subject as the topic of my original post has evolved.
> > :-)
> >
> > I see that you co-wrote squid_ldap_group. Do you have (or know the
> > location of) a detailed HOWTO or perferably a sample squid.conf file that
> > contains a working scenario as mentioned above. ie with various ACLs and
> > access restrictions based on group?
> >
> > thanks in advance.
> > grol
> 
> Googling for examples come up with next to nothing. I have seen reference to
> "objectclass=person", "objectclass=posixGroup" and
> "objectClass=groupOfNames".  But no docs that I can see to decypher what
> these mean or how they are implemented.
> 
> TIA,
> grol.
> 
>


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux