Luis Daniel Lucio Quiroz wrote:
Hi All,
We are planning to install a farm of -nsquids to provide our company enhanced
web suffering experience and to control security on who is where. However,
we have some requirements I'm not really sure that squid is captable of them,
here they are:
- Squids need to be auth, however, auth must be agains an openldap (I know
this is possible). The fact is that auth MUST be crypted. I was thinking
about Cipher auth that is done with MD5 but we really dont know what is the
crypt hash of ldap.
See
http://www.squid-cache.org/mail-archive/squid-users/200212/0005.html,
http://www.squid-cache.org/mail-archive/squid-users/200407/0697.html and
finally
http://wiki.squid-cache.org/KnowledgeBase/Using_the_digest_LDAP_authetication_helper
In the last link, where it talks about Installing and testing the
helper, Squid 2.6 is equivalent to Squid 2 HEAD, as the digest_ldap_auth
helper is included with Squid 2.6
- Authentication must be share, in the way that if I've already authed in
squid1, then squid2 shouldnt ask me authentication. I'm not really shure if
ICP or HTCP cand do this. Squis farm is balanced by an external apliance so
we dont know what squidN is responding to replay.
As long as all the proxies use the same data source to authenticate
against, no extra work will be required. HTTP is a stateless protocol,
so the browser passes authentication details along with every request
that should require it.
I home someone could give me any clue.
Regards,
LD
Chris
