> -----Original Message----- > From: Henrik Nordstrom [mailto:henrik@xxxxxxxxxxxxxxxxxxx] > Sent: Friday, September 19, 2008 2:31 PM > To: Andrew Struiksma > Cc: 'squid-users@xxxxxxxxxxxxxxx' > Subject: Re: Reverse proxy with LDAP authentication > > On fre, 2008-09-19 at 13:04 -0700, Andrew Struiksma wrote: > > We have a company intranet server running Apache2 on Debian 4. > > Currently it is only available on our LAN. We would like to make it > > available outside our LAN. However, we want users to have to > > authenticate against our Active Directory when they are coming from > > the outside. Once they have authenticated, they should have full > > access to the internal website. Is this something that Squid can do? > > Yes, with some limitations. > > The limitation is that there is only one authentication slot > in HTTP, so if the web server also uses HTTP authentication > then it needs to use the exact same authentication (basic > authentication to the same password backend), or you need to > set up a special authentication peering between the two (see > the login= cache_peer option). > > > Note: If the web server is only using cookie based forms > authentication then there is nothing to worry about. The main website used form based cookie authentication but can also use HTTP authentication. Is there a sample squid.conf on how to perform the reverse proxy + AD authentication? Thanks for the info. Andrew
