On Wed, 27 Apr 2011 15:42:51 +0200, Rafal Zawierta wrote:
Hello,
Is it allowed to implement in Squid3 two helpers?
1. I need to authenticate users via squid_kerb_auth
2. I need to check if user is in AD group -> squid_kerb_ldap
3. I need to chech, if user is on my local database (has performed
some action on server) - I'll write my own simple helper.
Is it possible to use both (2) and (3) so:
If user is not in AD - deny http
If user is in AD but my_helper returns Err - deny http with my own
page
If squid_kerb_ldap AND my_helper is OK - allow http traffic.
Yes this is possible in all Squid since 2.6 AFAIK.
One auth_param negotiate program to validate the credentials are
correct and multiple named external_acl_type helpers to check the
groups.
Amos
