-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi, I'm already using LDAP authentication and the company I work for tries to put a lot of authentication and authorization (meta-)information inside LDAP. This week, we were wondering if it is possible to use LDAP as a backend for acl lists. The idea would be to get a list of domains for a user or a list of source domains for an acl and so on, instead of putting the list on squid.conf or in and external file, LDAP would be the "repository". Looking to the standard config it doesn't seems to be possible, the only external "repository" would be a file, but do you believe it is possible to try to achieve it using external_acl? Writing a custom script that would get info from LDAP and check different items and conditions? In principle, the discussion lead us to having an LDAP object for squid with generic lists, like sites allowed for all the company, sites for a Walled Garden, sites restricted for different groups, but we also spoke about having lists per-user, as every person would have an object inside LDAP, we could have a field that would add or remove sites from the previous lists in a per-user basis. What do you think? Have anybody heard about anything on those lines? Thanks in advance for any info/suggestions. :) Kind regards, - -- Felipe Augusto van de Wiel <felipe.wiel@xxxxxxxxxx> Tecnologia da Informação (TI) - Complexo Pequeno Príncipe http://www.pequenoprincipe.org.br/ T: +55 41 3310 1085 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCgAGBQJLH7V+AAoJECCPPxLgxLxPdjgP/Ai4DCQRoE6rvU6y1bpAlcbG tSgA22nBr2bdPfE2HYkEROyH8T0PzwVJVuoD1v7XYOy31ZRsmET9Y45vLBwYR1t5 1ic1j4N5GHrSJ0iZj7+fCAoi5rKW3EghewYYvZ6poFKrpNVjsIY9z2SqYCW48mHi itfeen/FYHI0dHNAoryGE/0YThtGGcIsjA/YlnQ2jb9gEvolQOvGNIcMTeKNJZEy zFjgd/wjyzb0Q9tEI7cYGA+PgMfxLdWernPnrWpNsReg6u5Bt7LajJB5yzYOHvzZ 2x9/bsnqwaN0r0zN2uL+zpEP/dzNK4kctshCe7sOclTBg9fkL+VoTnVDkZjIWeKL B5AwqvoaQ85MD5ueG/nWAqXJJqdcaAyGCa+fHY0Rg84G0a6P/gmgAM5qi1JxVp4t yJQaMxDyxmTtdwOmR4LPXeOwu6LaLoCxI1Dd3AyMTGNmb2c5iSeCxhsYdVMqkfO2 0hs3KeDqYTSAERq1tihNpx5st8cmTIfFDlKon+d1ZE21sBNPhjAMzHUWa9pTw7RW gJdLBQYVJUkRmSmxqdW0m39yi07e7H+34Qo8Qi3lmImezF6DlqBjUsxpp2XkmKZN MfgSV7N+TUOtdWHxJZAFbEAmkxGgyVPkCgtN4B/m3aDwU/CcuiqNUg5h5R0gKXvT Vyso4h8Qi9UoIsbzlqJy =nwRu -----END PGP SIGNATURE-----