García García, Alberto wrote:
> Hi, the reult of squid_ldap_auth was sucesfull. Now i want to validate
> users that are members of a group.
>
> It´s posible?.
Yes. Everything is possible in this world ;-)
Seriously; no, not yet. At this time squid_ldap_auth requires you to store an
attribute in the user, allowing you to match what is valid users by
specifying a LDAP search filter.
In future there is two possible approaches
a) The squid_ldap_auth helper can be extended to only accept users being
member of a (single) specified group. Have even seen some incomplete patches
for this.
b) Another helper can be used via the external_acl extension
<http://devel.squid-cache.org/external_acl/> to allow you to match usernames
and groups freely.
'a' can be implemented today by only changing the helper.
'b' requires some patching to Squid. The needed Squid support is likely to
appear in Squid-2.6.
-- Basic free Squid support provided thanks to MARA Systems AB Your source of advanced reverse proxy solutions or customized Squid solutions. http://www.marasystems.com/products/Received on Tue Apr 16 2002 - 13:43:14 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:35 MST