sön 2007-04-29 klockan 14:43 -0400 skrev Tuc at T-B-O-H.NET: > "The above can be accomplished with the help of the session acl helper in > it's active mode, combined with a internal web server for serving the > splash page and redirecting the user back to the requested URL when > clicking on Connect." If you need the user to actively click on Connect then yes. If you just need to have the spash page displayed once then not. The configurations build on each other, so start with the default automatic mode, then when you have got an understanding of how that works look into the active mode to force active confirmation. The difference is mainly in Squid acls. > Which is exactly what I want. And all I'm looking for is > WHAT is used to determine that the "session" is there. Is it a cookie? > A pop up? A mac address? An IP address? Whatever you specify in the external_acl_type format. Cookie can not easily be used in an Internet proxy as there is no concept of "proxy cookies" in HTTP. > What is the way in the example? I don't see it passing anything > it seems except %LOGIN. Whats %LOGIN comprimised of? See the external_acl_type directive. > > 1) User attempts to access a.b.c.d > 2) Squid sents to acl helper > 3) ACL helper matches BLAH against BLEH The acl helper checks if it has seen "BLAH" in an active session. > 4) If there is a match, page can be retrived > 4b) If not, then user is directed to another page > 5) When BLOOP is done, a FROIBLE is stored and.... > > So I'm trying to find out what the ACL is matching > to see if the user was seen or not... Whatever you say in external_acl_type defines the session identifier. Then the presence of a session is determined by the automatic/active mode of the helper. In active mode a LOGIN must be explicitly sent to the helper to start the session, in automatic mode the session is automatically started after the first request (note: after. First request is not considered part of the session). Regards Henrik
Attachment:
signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel
