Re: Dynamic ACL Regex's associated with authenticated user

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Thu, 01 Mar 2007 20:59:38 +0100

mån 2007-02-05 klockan 13:13 -0500 skrev louis gonzales:
> Hello Dev team,
> I'm curious, but have found limited information through different FAQ's
> and archives about Squid functionality, which provides dynamic new
> regex's to be checked against specific authenticated users?

Yes.

> Two functionalities I'm wondering about specifically:
> 1) Can Squid use a database server such as Postgres/MySQL to store the
> ACL regex's or in genearl all ACL's, so that Squid can query on the fly?

Yes, but it requires an external helper talking to the database and
matching the regex or whatever pattern type you use..

> 2) Is it possible to associate 'authenticated users' to these ACL's?

Yes.

See the external_acl_type directive for how to plug in your own acl
helper. Once active it works pretty much like any other kind of acl such
as src/dst/dstdomain/url_regex etc.

There is an internal cache of the helper queries so it's most effective
if you don't need the URL-path sent to the helper.

Regards
Henrik

Received on Thu Mar 01 2007 - 12:59:44 MST

This archive was generated by hypermail pre-2.1.9 : Sun Apr 01 2007 - 12:00:01 MDT