Re: [squid-users] Captive portal terminal server from Amos Jeffries on 2013-06-27 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Fri, 28 Jun 2013 05:52:12 +1200

On 28/06/2013 5:47 a.m., Oliveiros Peixoto (Netinho) wrote:
> Antony,
>
> Each person has a user terminal server and a user for the proxy. Each
> user belongs to a group and each group has its rules.
>

Then the users will always be logged in with their usernameand uniquely
dentifiable from that. Where is the problem?

Amos

> Em 27/06/2013 14:42, Antony Stone escreveu:
>> On Thursday 27 Jun 2013 at 19:20:10, Oliveiros Peixoto (Netinho) wrote:
>>
>>> Hi Antony.
>>>
>>> I have different acls that permit or deny access to urls. These acls
>>> apply to groups and users where they are identified by the ip/user you
>>> are logged in mysql.
>>> If multiple users log into the same station I will not be able to apply
>>> these acls.
>> In that case (if you cannot select the correct ACL based on just the
>> user
>> part, from the group which might use that IP) I cannot think of a
>> solution :(
>>
>> I'd be interested if anyone else has an alterantive idea, though.
>>
>> Out of interest, given that the usernames on the terminal server
>> machine must
>> be unique, and you can therefore identify them to specific people,
>> why can't
>> you assign userA/IPx to ACL1, userB/IPx to ACL2 etc?
>>
>> Maybe you're sharing 5 usernames on the terminal server amongst 25
>> actual
>> people?
>>
>>> Em 27/06/2013 14:12, Antony Stone escreveu:
>>>> On Thursday 27 Jun 2013 at 19:06:45, Oliveiros Peixoto (Netinho)
>>>> wrote:
>>>>> Hello everyone!
>>>>>
>>>>> I would like to clarify some issues with you. I need to set up a
>>>>> captive
>>>>> portal for authentication of my users. I make this using External_acl
>>>>> program that getting user and ip in mysql. The problem is that now I
>>>>> have a windows server where multiple users use the terminal
>>>>> service and
>>>>> using any browser for navigation making it impossible to
>>>>> authenticate a
>>>>> user / ip. Does anyone have a solution for this problem?
>>>> Can't you just put:
>>>>
>>>> userA / IPx
>>>> userB / IPx
>>>> userC / IPx
>>>>
>>>> into the database, so that all the users are accepted as coming
>>>> from the
>>>> same IP?
>>>>
>>>> After all, what's the difference from a single PC where different
>>>> users
>>>> could log on, but have the same IP address?
>> Regards,
>>
>>
>> Antony.
>>
>
Received on Thu Jun 27 2013 - 17:52:20 MDT

This archive was generated by hypermail 2.2.0 : Thu Jun 27 2013 - 12:00:07 MDT