On 03.09.2012 23:28, Stolle, Martin wrote:
I got the idea to modify my squid-guard wrapper in that way that it
returns a OK and the username logged in as OK log=username, this
means, that I have to change the logic, so that squidGuard is used
from a main wrapper process, which knows the name of the user, so
that
it can return it. In that case I could use the "ea" tag in the access
log format to write the user logged in to the access log.
This way isn't very elegant, but it should work.
I think you want to return "OK user=$value" instead of log=. That will
log via %ue.
Squid passes login to --> Wrapper --> asks squidGuard --> if return
line of squidGuard is empty, return OK + "log:username" else return
ERR
Ok,
I'll try to write that small wrapper, but it would be nice, if there
would be an easier way to do so.
Using a dedicated authorizor helper is the proper way to go. SG is not
designed for use in the way you are using it.
You could code the wrapper script to perform directly the same tests SG
is being used for and drop SG.
Amos