On 20/9/2011 4:53 μμ, Luis Daniel Lucio Quiroz wrote:
> c) you may relay secure auth with radius+https, after auth sucessful
> with a browser that client ip shall surf
Hi Luis,
Please give me some details on the radius scenario:
How does this relaying of radius authentication should be setup? Here is
my understanding:
My radius server is at radius.example.com and squid is at
myproxy.example.com. On radius.example.com we define
myproxy.example.com as a client (with a secret). Now squid can
authenticate a user to radius (through the squid_radius_auth helper).
So, let's say we create a php page with a login form (asking for user's
username/password), accessible via https, and we host it at
mywebserver.example.com (or we must host it at the same machine where
squid is running, that is: myproxy.example.com?); this form (i.e. the
application using the form), when posted by a client browser, should
submit user's credentials to *squid* (i.e. to myproxy.example.com and
*not* to radius.example.com) for authentication check? Then, if
successful, the client browser can use squid as a proxy?
Thanks,
Nick
This archive was generated by hypermail 2.2.0 : Sat Sep 24 2011 - 12:00:03 MDT