Search squid archive

Re: Using multiple auth scheme types in one squid instance?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Adrian wrote:
On Mon, Mar 17, 2008 at 9:25 PM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:

 Squid does not differentiate the types of auth a user has done.
 It tries all methods its configured with (in the order configured) until
 one succeeds. The common way to do this appears to be to use the
 least-accepting method first and failover to the most-accepting. Or
 vice-versa depending on the situation.

I want to put 'trusted' users through NTLM fakeauth so I can capture
their usernames without bothering them with a popup auth box. For the
'untrusted' user subnets,  I want to give them a popup box and make
them authenticate.

Since fakeauth will always pass,  I can't just configure the schemes in
succession.  I was thinking of writing my own fakeauth code which
rejected anything in my 'untrusted' IP list forcing it to the next auth
scheme, but I don't think the IP address is passed to authenticate
scheme by squid to check against?

Any other ideas?

Not really. The kind of thing you are trying to do is not commonly spoken of around here. So we don't have any standard easy way of doing it.

Amos
--
Please use Squid 2.6STABLE17+ or 3.0STABLE1+
There are serious security advisories out on all earlier releases.

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux