Re: authenticator for cyrus-sasl sasldb

New authentication modules are always welcome. If it is OK by you I'd
like to include your module in the Squid-2.5 release.

My guess is that most large-scale Squid setups using authentication
are currently using either LDAP or NT Domain or RADIUS as
authentication backend, roughly in that order..

Most large scale Squid installations are not using authentication at
the proxy, authorizing users based on their IP address alone. From
the IP and time of access they can usually track down the user
identity if needed.

Regards
Henrik Nordström
Squid Developer

On Tuesday 05 March 2002 13:32, Ian Castle wrote:
> Apologies if this is the wrong list.
>
> I've written an authenticator for authenticating against a cyrus
> sasldb database of users.
>
> We have a machine that provides squid and imap/pop3 services to a
> relatively large number of students - and we don't want to have
> entries in /etc/passwd for these. So we're using cyrus-imapd and
> cyrus-sasl (with the sasldb database for the list of users).
>
> I am perplexed by the fact that no one has written such an
> authenticator before! I guess that for cases where you have a large
> number of users you would typically have a large number of machines
> and so use some distributed user database such as LDAP... and this
> is the reason why no one has written a simple authenticator against
> the sasl database. Either that I or am missing a trick somewhere...
>
> Anyway, do you want this as a contribution? Currently, the source
> is stand-alone see
> (http://labs.coldcomfortfarm.org/squid-sasl-auth) but if you would
> like it I will put together a suitable Makefile.in so that it can
> be slotted into place in the squid tree.
>
>
> Regards,
>
> Ian.
Received on Tue Mar 05 2002 - 05:51:26 MST