Hi, I want to use Squid as a reverse proxy (accel) to my main website but only if they've authenticated - something like a captive portal (not sure if that's the right phrase). By "authenticated", I don't mean basic or digest etc. I want to provide my own logon page (say php) - I can host another authentication website to host that. How do I go about achieving that? Splash page functionality is something that looks promising in squid but I can't get my head around how to force squid to reverse proxy my site only after users have authenticated on my php splash page. Also I need to terminate their session after 3 hours. http://wiki.squid-cache.org/ConfigExamples/Portal/Splash I can do something like this: #Show auth.php external_acl_type splash_page ttl=60 concurrency=100 %SRC /usr/local/sbin/squid/ext_session_acl -t 7200 -b /var/lib/squid/session.db acl existing_users external splash_page http_access deny !existing_users # Deny page to display deny_info 511:https://myauthserver/auth.php?url=%s existing_users #end authphp #reverse proxy https_port 443 cert=/path/to/x_domain_com.pem key=/path/to/x_domain_com.pem accel cache_peer 1.1.1.1 parent 443 0 no-query originserver ssl sslflags=DONT_VERIFY_PEER name=x_domain_com acl sites_server_x_domain_com dstdomain x.domain.com cache_peer_access x_domain_com allow sites_server_x_domain_com http_access allow sites_server_x_domain_com # end reverse proxy But how is this going to work? I can present a username/password on my auth.php and present a submit button to validate. But how do I tell squid that it is OK to serve x.domain.com? Also is there a better way of achieving my purpose? Thanks. Please help.
