Re: [squid-users] Session helper question

sön 2007-04-29 klockan 14:43 -0400 skrev Tuc at T-B-O-H.NET:

> "The above can be accomplished with the help of the session acl helper in
> it's active mode, combined with a internal web server for serving the
> splash page and redirecting the user back to the requested URL when
> clicking on Connect."

If you need the user to actively click on Connect then yes. If you just
need to have the spash page displayed once then not.

The configurations build on each other, so start with the default
automatic mode, then when you have got an understanding of how that
works look into the active mode to force active confirmation. The
difference is mainly in Squid acls.

> Which is exactly what I want. And all I'm looking for is
> WHAT is used to determine that the "session" is there. Is it a cookie?
> A pop up? A mac address? An IP address?

Whatever you specify in the external_acl_type format.

Cookie can not easily be used in an Internet proxy as there is no
concept of "proxy cookies" in HTTP.

> What is the way in the example? I don't see it passing anything
> it seems except %LOGIN. Whats %LOGIN comprimised of?

See the external_acl_type directive.
>

> 1) User attempts to access a.b.c.d
> 2) Squid sents to acl helper
> 3) ACL helper matches BLAH against BLEH

The acl helper checks if it has seen "BLAH" in an active session.

> 4) If there is a match, page can be retrived
> 4b) If not, then user is directed to another page
> 5) When BLOOP is done, a FROIBLE is stored and....
>
> So I'm trying to find out what the ACL is matching
> to see if the user was seen or not...

Whatever you say in external_acl_type defines the session identifier.

Then the presence of a session is determined by the automatic/active
mode of the helper. In active mode a LOGIN must be explicitly sent to
the helper to start the session, in automatic mode the session is
automatically started after the first request (note: after. First
request is not considered part of the session).

Regards
Henrik