On 16/04/11 12:30, Joachim Wiedorn wrote:
> Hello,
>
> since some days I search for the way how I can use the login data of the
> user on his computer (client) for authentication check while he is using
> his browser.
>
> As I have understood if I activate authentication in /etc/squid3/squid.conf
> then the browser ask the user at the first time of web access for username
> and password. But the user always have done a login on this client computer
> so why must I start this second authentication check of the user?
>
> This way would be useful for use with LDAP or AD, but also with PAM
> authentication.
>
> Does anywhere know the solution?
There are two.
1) Use a browser configured to send the machine login as if it was a
network login. (holy wars are fought over whether this is a good idea or
even safe).
2) use IDENT protocol to query the machine about what user is logged in.
This stops being authentication though. It is hard to determine if the
machine logged in user is actually the software making the request (or
just a virus etc running while they are logged in or someone else
"connection sharing" through that login).
Oh and (2) is firewalled widely around the net for security. So only
works reliably on LAN.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.12 Beta testers wanted for 3.2.0.6Received on Sat Apr 16 2011 - 01:17:36 MDT
This archive was generated by hypermail 2.2.0 : Sat Apr 16 2011 - 12:00:04 MDT