Dear Squid users,
I was wondering if the following can be accomplished in squid:
Say, a user starts using the proxy
1 he is not logged, so he gets redirected to a webpage over https
2 the webpage authenticates him, and sets a cookie in his browser
3 he is then redirected to the original url he was surfing to
4 squid checks if the cookie is valid and authenticates the user
5 the user can surf till he closes his browser
In step 4 we never go to the authentication webpage unless the cookie is
not valid.
In the back ground we would then run a script that parses the log file
and updates a database. So the next time a user logs in we can deny him
access.
The current solutions I have found have the following problems:
- they use basic authentication, so password is sent in clear text of
the wire
- they redirect all requests to a redirect url
Can it be done with squid?
Thanks in advance,
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Rudy Gevaert Rudy.Gevaert_at_UGent.be tel:+32 9 264 4734 Directie ICT, afd. Infrastructuur Direction ICT, Infrastructure dept. Groep Systemen Systems group Universiteit Gent Ghent University Krijgslaan 281, gebouw S9, 9000 Gent, Belgie www.UGent.be -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --Received on Wed Apr 08 2009 - 21:33:45 MDT
This archive was generated by hypermail 2.2.0 : Thu Apr 09 2009 - 12:00:02 MDT