Re: [squid-users] disclaimer prior to authentication?

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Wed, 13 Jun 2001 23:27:51 +0200

Martin A. Brooks wrote:

> This has been discussed several times before iirc. The net result of these
> was that it wasn't a Squid problem. The only way round it seems to be a
> mandatory unchangeable homepage.

I have been thinking a bit more on this issue after seeing the question
arise yet another time, and there are a couple of schemes that could be
made to work:

1. Mandatory homepage

2. "Session" emulation, redirection the first request of a assumed
session to the "disclaimer" page (with the requested URL as a argument,
allowing the user to click OK on the disclaimer to continue surfing).

3. Variation of 2 comined with authentication, and assuming that the
browser is working correctly and is caching the login information, and
you are using Basic HTTP proxy authentication (not NTLM). When a request
is seen without login information and the referer is not your disclaimer
page, send a temporary redirect to the disclaimer page. This should
emulate sessions without having to actually keep track of anything.

There probably is a couple of other possible approaches as well.

--
Henrik Nordstrom
Squid Hacker
Received on Wed Jun 13 2001 - 15:28:33 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:00:44 MST