Re: [squid-users] 2.4 Stable 1 & TACACS Authentication

From: Marc van Selm <marc.van.selm@dont-contact.us>
Date: Wed, 05 Sep 2001 09:54:35 +0200

At 10:09 AM 8/18/01 +1000, Luke Sheaves wrote:
>Hi,
>
>I want to be able to perform authentication using TACACS+.. on a live
>server rather than using a exported password file...
>
>Any pointers tips etc?

I am not aware of a TACACS+ authenticator so you have to make it yourself.
You could use Miquel van Smoorenburg's TACACS to RADIUS server. That is
just a translator to RADIUS. You could use the TACACS part to make your own
authenticator. (http://miquels.www.cistron.nl/portslave.html and get tacp2rad)

You could use my radius authenticator (which is still the old one for those
that are interested to use squid_rad_auth because I did not get arround to
fully test 1.06) as a starter for the squid interface
(http://selm.www.cistron.nl/authtools/index.html)

Make sure that the interface to squid is line buffered (or unbuffered)!

You could also consider to go for RADIUS all together and use tacp2rad as a
legacy interface.

Marc

>Thanks,
>
>Luke

---------------------------------------------------------
Marc van Selm
NATO C3 Agency, CSD/A

*********************************************************
** -- This mail is personal -- **
** All statements in this mail are made from my own **
** personal perspective and do not necessarily reflect **
** my employer's opinions or policies. **
*********************************************************
Received on Wed Sep 05 2001 - 01:54:55 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:03 MST