Re: [squid-users] Captive portal terminal server

From: Ricardo Klein <klein.rfk_at_gmail.com>
Date: Thu, 27 Jun 2013 14:57:07 -0300

If you use active diroctory, maybe make your rules based on ldap_group
and not in IP address?

--
Att...
Ricardo Felipe Klein
klein.rfk_at_gmail.com
On Thu, Jun 27, 2013 at 2:42 PM, Antony Stone
<Antony.Stone_at_squid.open.source.it> wrote:
> On Thursday 27 Jun 2013 at 19:20:10, Oliveiros Peixoto (Netinho) wrote:
>
>> Hi Antony.
>>
>> I have different acls that permit or deny access to urls. These acls
>> apply to groups and users where they are identified by the ip/user you
>> are logged in mysql.
>> If multiple users log into the same station I will not be able to apply
>> these acls.
>
> In that case (if you cannot select the correct ACL based on just the user
> part, from the group which might use that IP) I cannot think of a solution :(
>
> I'd be interested if anyone else has an alterantive idea, though.
>
> Out of interest, given that the usernames on the terminal server machine must
> be unique, and you can therefore identify them to specific people, why can't
> you assign userA/IPx to ACL1, userB/IPx to ACL2 etc?
>
> Maybe you're sharing 5 usernames on the terminal server amongst 25 actual
> people?
>
>> Em 27/06/2013 14:12, Antony Stone escreveu:
>> > On Thursday 27 Jun 2013 at 19:06:45, Oliveiros Peixoto (Netinho) wrote:
>> >> Hello everyone!
>> >>
>> >> I would like to clarify some issues with you. I need to set up a captive
>> >> portal for authentication of my users. I make this using External_acl
>> >> program that getting user and ip in mysql. The problem is that now I
>> >> have a windows server where multiple users use the terminal service and
>> >> using any browser for navigation making it impossible to authenticate a
>> >> user / ip. Does anyone have a solution for this problem?
>> >
>> > Can't you just put:
>> >
>> > userA / IPx
>> > userB / IPx
>> > userC / IPx
>> >
>> > into the database, so that all the users are accepted as coming from the
>> > same IP?
>> >
>> > After all, what's the difference from a single PC where different users
>> > could log on, but have the same IP address?
>
> Regards,
>
>
> Antony.
>
> --
> "640 kilobytes (of RAM) should be enough for anybody."
>
>  - Bill Gates
>
>                                                      Please reply to the list;
>                                                            please don't CC me.
Received on Thu Jun 27 2013 - 17:57:17 MDT

This archive was generated by hypermail 2.2.0 : Fri Jun 28 2013 - 12:00:07 MDT