Chris:
Thank you for the patch, and once again raising the question of
authorization in squid.
I have a similar need for greater granularity in authorization.
However, I'm using the NCSA authentication method and not LDAP.
Granted, that I will need to customize the NCSA routine to recognize my
authorization criteria, is your patch generalized enough for me to use,
or is it LDAP specific?
Thanks.
Wade
Chris Hughes wrote:
>
> Last November I posted asking about if it was possible to do
> authorization by acl through proxy authentication, but I don't think
> anything really came of it. I've just had a need to try to do the same
> thing again (basically recreate the behaviour of Netscape Proxy where you
> can allow access to different URLs depending upon the LDAP groups a user
> is in), so I had a quick look at the code and knocked up the attached
> patch (to squid-2.2.STABLE4).
>
> It's pretty horrible, but I'm hoping it might stir up the mud of this
> topic again so that maybe a direction for this concept can be found.
> As a reminder, when I posted last, Henrik made some comments about how
> this should be done. His post is at:
> http://squid.nlanr.net/Mail-Archive/squid-users/9811/archive/0294.html
>
> ta,
>
> Chris
> --
> Chris Hughes
>
> ------------------------------------------------------------------------
> Name: squid-aclauth.patch
> squid-aclauth.patch Type: Plain Text (TEXT/PLAIN)
> Encoding: BASE64
-- ======================================================================== Wade B. Komisar Comp. Sys. Sr. Engineer, Advanced Technology Group Komisar@Virginia.EDU Office of Information Technology voice: 804.924.7171 University of Virginia fax: 804.982.2777 Carruthers Hall, 1001 N. Emmet St. http://www.people.virginia.edu/~wbk3a/ Charlottesville, VA 22906-9005Received on Thu Jul 15 1999 - 07:56:53 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:47:25 MST