On 15/09/11 15:33, Matt Cochran wrote:
I'd like to be able to 'lightly' authenticate my users with an
external login process/web application, I say lightly because
security isn't as important as distinguishing between users coming
from the same NAT'd IP address. Is there either a way to set a
session ID that can be read from the Squid process, or is there a
better way to distinguish between users like this?
With great difficulty.
You can write (find?) an external ACL helper to accept the Cookie header
and process it for a session ID and present that back to Squid as a
user= or tag= key value.
Why does the NAT'd IP address matter that much? relying on cookies will
still fail if the user does not want you to get any cookies from them,
or if they are fetching cached content from Squid.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.15
Beta testers wanted for 3.2.0.11
