Joseph Spadavecchia wrote:
Hi all,
We have a requirement to use different authentication mechanisms based
on the subnet/ip-address of the client.
For example, a client from one subnet would authenticate against ntlm
while a client from another subnet would authenticate against an LDAP
server.
AFAIK, this is normally done by running multiple instances of squid; but
we have the requirement to do it with a single instance. One way of
achieving this would be to modify squid to pass the client's ip-address
along with the authentication information. However, I'd like to do it
cleanly without modifying squid.
Can anyone offer suggestions for doing this cleanly, without
modifications to squid.
Thanks in advance.
Joseph
External ACL taking client IP and Proxy-authentication header contents.
Then doing whatever you like and returning "OK user=XX\n" or "ERR\n"
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE13
Current Beta Squid 3.1.0.5
