Re: [squid-users] reverse proxy and single sign-on

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Sat, 16 Aug 2008 15:33:00 +1200

Chris Robertson wrote:
> juan romero wrote:
>> Hello users
>>
>> First I want to apologize if any of my questions has been asked already.
>>
>> I have two web applications running on my lan, every application has a
>> main page with a box where you introduce an user and a password in
>> order to log in that application, The applications are company made so
>> I can not access/modify the code.
>>
>> I want to have a reverse proxy and a single sign-on so my costumers
>> can connect to the applications from the internet, they will have just
>> a main page and they will need just to introduce user and name once to
>> log into a page that will link both applications, both user and
>> password are the same in both applications.
>>
>> I have never use Squid and I wan to know if Squid is the right
>> solution (pros/cons) to accomplish the requirements I wrote already. I
>> just don't know if using Squid will full fit all the goals with a
>> regular (time/effort) investment.
>> Any help or idea will be very nice from you people
>>
>> Regards
>>
>> Juan Romero
>>
>
> Without knowing anything about the applications, I'd have to guess that
> the login boxes they use each set a cookie (and a different cookie for
> each). The cookie corresponds to a "session" that the application keeps
> track of. There is no way for Squid to control such a session.
>

If the applications do or can be made to use Basic WWW-Authentication
instead. Squid can use "login=PASS" (exact string) to send the clients
login details to back-end servers.

Provided they are available from the same FQDN, both will receive the
same details and only one login box to retrieve hem from the user.

Amos

-- 
Please use Squid 2.7.STABLE3 or 3.0.STABLE8
Received on Sat Aug 16 2008 - 03:32:55 MDT

This archive was generated by hypermail 2.2.0 : Sat Aug 16 2008 - 12:00:03 MDT