2012/5/3 Eliezer Croitoru <eliezer_at_ngtech.co.il>:
> On 02/05/2012 14:53, E.S. Rosenberg wrote:
>>
>> 2012/5/2 E.S. Rosenberg<esr_at_g.jct.ac.il>:
>>>
>>> Hi,
>>> I just thought I'd share the script I have for the squid side, maybe
>>> someone finds it useful.
>>> I wrote in PHP because I wanted to use prepared statements and am most
>>> familiar with PDO.
>>>
>>> Now my logs have usernames but squid does not allow me to make
>>> proxy_auth acls since I have no auth mechanism configured (this
>>> particular squid instance is a museum piece - 2.6, soon to be
>>> replaced), if this issue also exists in squid 3.1 then how would I
>>> control users based on a username returned through an external ACL?
>>>
>>> Thanks,
>>> Eli
>>
>> I stuck the script on my server, that makes an easier read then from
>> inside a mail:
>> http://kotk.nl/verifyIP.phps
>>
>> Hope that helps,
>> Eli
>>
> i saw your external_acl app and it seems very nice.
> i wrote another one on ruby that seems almost like that(a mimic for
> practice).
> and i was wondering about how do you plan to implement the proxy_auth acls?
> using AD? some other DB?
I am not usre I follow, do you mean how I intend to manage my lists of
usernames?
In that case I am pushing for the use of LDAP properties, then a
script will run every X time, determine whether or not the LDAP
database was changed since the last update (based on change
timestamps) and generate lists of usernames.
Currently we don't have a good way of managing this, I have some
sctipts that work based on the location of a user in our organization
but that is not always correct.
> you mentioned something about the network infrastructure\CISCO if i remember
> right.
Yes, the link of IP->username is generated based on the radius logs of
the server that provides authentication for the wireless.
However as said squid tells me that since I have no auth-mechanism
fully setup I can't use proxy_auth lists so I wonder how can I use the
username I provided in the external acl in the rest of squid?
Thanks,
Eli
>
> Regards,
> Eliezer
>
>
>
> <SNIP>
>
>>> 2012/4/10 akadimi<amine.kadimi_at_gmail.com>:
>>>>
>>>> Hi Amos,
>>>>
>>>> Could you give me more details on your new session helper as soon as it
>>>> becomes available.
>>>>
>>>> Regards,
>>>>
>>>> --
>>>> View this message in context:
>>>> http://squid-web-proxy-cache.1019090.n4.nabble.com/external-acl-code-examples-tp4424505p4546016.html
>>>> Sent from the Squid - Users mailing list archive at Nabble.com.
>
>
>
> --
> Eliezer Croitoru
> https://www1.ngtech.co.il
> IT consulting for Nonprofit organizations
> eliezer <at> ngtech.co.il
Received on Sat May 05 2012 - 20:09:50 MDT
This archive was generated by hypermail 2.2.0 : Sun May 06 2012 - 12:00:03 MDT