My stakeholder requested me a solution where squid users should
authenticate into a corporate portal before they can actually access the
proxy.
Furthermore, there's a LDAP authentication, already implemented. The
portal's database is going to use the same LDAP directory (Active
Directory).
So, even if the user entered the right login/password, it will deny the
access, with a error message showing a link to the portal where the user
should authenticate itself, forcing the user to see the corporate portal.
It isn't necessary that if the user closes the browser, it should
authenticate himself into the portal again. Just one turn at the day
maybe enough, enabling access to another applications that uses Web but
isn't a browser (Google Earth, for example).
I'd like to receive some appoints from you about which technologies
should I use on this solution. The squid authentication module already
exists for that or should I make a new one?
I thought about a new module authenticating into Kerberos. Just thoughts...
--
Best regards,
Luiz Felipe de Souza Gomes
