SSO identification on Squid

From: Vincent Deffontaines <vincent.deffontaines@dont-contact.us>
Date: Mon, 21 Jun 2004 15:35:42 +0200 (CEST)

Greetings,

I am writing to you as a Nufw developper. Nufw is, shortly said, a
users-aware firewall, released on GPL v2. Basically, it marks any (TCP and
others) connections with a user id. This leads to (hopefully) interesting
perspectives in terms of transparent users identification/authentication.

Right now, an apache module exists, which lets users be identified to an
Apache server, without any interactive login/password prompt.

More details about the nufw project can be found at www.nufw.org.

Anyway, this email is not about Nufw, sorry about this too long introduction.

In a view to create a SSO authentication solution (based on nufw) for
Squid, we need to build an authentication module for squid. It needs the
following informations from squid : (source IP, source Port, destination
IP, destination port), all these about the connection from the
browser/client to the Squid server.

In the nufw point of view, user should not be prompted with
username/password (or maybe in a second period, if user cannot be
identified through Nufw).

I have read this thread :

http://www.mail-archive.com/squid-dev@squid-cache.org/msg01881.html

which is about the source IP address, so I suppose this should be possible.

We are very much interested if someone could give us tracks to follow to
accomplish this goal.

Regards,

Vincent Deffontaines
Received on Mon Jun 21 2004 - 10:16:00 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Jun 30 2004 - 12:00:03 MDT