RE: [squid-users] LDAP groups with a redirector

From: Dave Raven <dave@dont-contact.us>
Date: Fri, 20 Aug 2004 09:19:31 +0200

Hi,
        NTLM authentication passes domain and user information to
squidGuard, I think in the format domain/username or visa versa. Would it be
possible/worthwhile (with group_ldap - and perhaps some code changes from
us) to pass username/group to the redirector, at which stage we'll handle
splitting it etc?

Thanks again
Dave

-----Original Message-----
From: Henrik Nordstrom [mailto:hno@squid-cache.org]
Sent: 19 August 2004 02:56 PM
To: Dave Raven
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] LDAP groups with a redirector

On Thu, 19 Aug 2004, Dave Raven wrote:

> I have been looking into the group_ldap acl's in squid, and they
> look great. My problem is, are there any redirectors or ways to pass the
> group to a redirector, that will act on these ldap groups. Or ones with
ldap
> support? At the moment I'm using squidguard and its not looking likely

The external_acl information can not be passed to redirectors.

But you should be able to extend your redirector to perform the required
lookups. Not very efficient thou..

What is needed for this to work is some kind of tagging mechanism where
http_access can assign a tag to the request and this passed to redirectors
etc.

Regards
Henrik
Received on Fri Aug 20 2004 - 01:19:00 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Sep 01 2004 - 12:00:02 MDT