On fre, 2008-09-19 at 13:04 -0700, Andrew Struiksma wrote: > We have a company intranet server running Apache2 on Debian 4. > Currently it is only available on our LAN. We would like to make it > available outside our LAN. However, we want users to have to > authenticate against our Active Directory when they are coming from > the outside. Once they have authenticated, they should have full > access to the internal website. Is this something that Squid can do? Yes, with some limitations. The limitation is that there is only one authentication slot in HTTP, so if the web server also uses HTTP authentication then it needs to use the exact same authentication (basic authentication to the same password backend), or you need to set up a special authentication peering between the two (see the login= cache_peer option). Note: If the web server is only using cookie based forms authentication then there is nothing to worry about. Regards Henrik
