Search squid archive

Re: Captive Portal authentication in Intercept mode

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 13/03/2015 10:10 p.m., James Harper wrote:
>> Hey,
>>
>> I have written a basic idea with a php "login portal" that can be seen at:
>> http://wiki.squid-cache.org/EliezerCroitoru/SessionHelper/
>> http://wiki.squid-cache.org/EliezerCroitoru/SessionHelper/Conf
>> http://wiki.squid-cache.org/EliezerCroitoru/SessionHelper/PhpLoginExample
>> http://wiki.squid-cache.org/EliezerCroitoru/SessionHelper/Python
>> http://wiki.squid-
>> cache.org/EliezerCroitoru/SessionHelper/SplashPageTemplate
>>
>> The idea is an IP session based login.
>> The user actively needs to login and it will login the user IP address.
>> The helper(s) logic is based on time since the last user login.
>> This idea can be used as a sketch for a more advanced options with a portal.
>>
>> There are other better ways to implement this idea and one of them is
>> using a radius server.
>>
>> As you noticed there is no way to directly authenticate a proxy in
>> intercept mode.
>> Maybe someone out-there have been thinking about a way to do such a
>> thing but it is yet to be possible with squid.
>>
> 
> If you could do ntlm auth at your portal page then the user might never even notice that authentication took place...
> 
> You'd need to do some sort of browser detection though - browsers could handle such authentication, but programs phoning home or otherwise using web services would hate it.
> 

That auth trick is usable for any kind of HTTP auth the client software
supports. eg. Basic auth for the automated tools usually. It's just
authenticating to the portal web server. As long as the portals not
trying to do auth with the intercepted traffic its fine.

FYI: NTLM is probably amongst the worst ways to do it given all the
nastiness that has to take place for NTLM to "work".

Amos

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users





[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux