Search squid archive

Re: transparent proxy with authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I see. Do you think the design where cookies were used to keep track of per-user authentication details at client browser is a feasible and good design?

-------- Original Message --------
From: Henrik Nordstrom <hno@xxxxxxxxxxxxxxx>
To: Chin Kah Yi <kahyi@xxxxxxxxx>
CC: Henrik Nordstrom <hno@xxxxxxxxxxxxxxx>, squid-users@xxxxxxxxxxxxxxx
Subject: Re: transparent proxy with authentication
Date: 28/10/2005 19:14



On Fri, 28 Oct 2005, Chin Kah Yi wrote:

I see. but if it is transparent proxy via wccp, how would the IP based access control scheme work on bluecoat as bluecoat wouldn't be inline to do access control and depending on cisco router?


It is inline for HTTP traffic. The proxy can do whatever it likes with the HTTP traffic.

What these schemes usually does is to redirect requests coming from an address not known to the proxy to a local login page, where a successful login registers the account for that IP and the user is then redirected back to the page he originally requested.

There is also another possible scheme using a combination of this and cookies. This provides per-user authentication but basically floods the browser with new cookies.

Regards
Henrik



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux