Tim Bernhardson wrote:
> The IP Address of the PC that the user is logged onto is stored in the
> LDAP DB (if you run an LDAP Query on a logged in user, you should see a
> field called networkAddress. With a little research, you could probably
> write a helper(or tweak the current ldap one) to use this information
> for authentication...
>
> I.E. A request comes in, grab the IP Address of the Client & formulate
> an LDAP Query to find if there is a user logged on at that IP Address
> and if there is allow them access..
>
> Tim Bernhardson
There is a cool tool call averist that does almost exactly what you want. It's missing the Squid integration.
It's a perl module, which makes for easy hacking, too. If you want to investigate, check out:
http://www.nongnu.org/averist/
(don't let the domain name fool you)
Thanks,
Josh
> Senior Technical Engineer
> Certified Citrix Metaframe Administrator
> Certified CyberGuard Administrator
> Certified AIX 4.3 System Administrator
> Sun-Maid Growers of California
> 7273 Murray Drive, Ste 18
> Stockton, CA 95210
>
> tbernhar at sunmaid dot com
>
>
>>>>"Craig Sharp" <Cashar@Roushind.com> 01/08/04 08:27AM >>>
>
> Hi,
>
> I am using LDAP to authenticate to Novell E-Dir with Squid for Internet
> access. It is working perfectly, however our management and users do
> not like the fact that when the browser is closed down and reopened,
> they have to authenticate again. They are whining because they do not
> want to have to type in their name when they open the browser several
> times a day.
>
> I need a way to store the authentication so that they will remain
> authenticated and not be challenged by the Squid server when they open a
> new browser for a period of 4 hours. Yes I know that this is defeating
> the purpose of security and authentication, but this is my direction.
>
> TIA,
>
> Craig
Received on Thu Jan 08 2004 - 11:31:34 MST
This archive was generated by hypermail pre-2.1.9 : Sun Feb 01 2004 - 12:00:04 MST