On Fri, 14 Apr 2000, Richard Kershaw enscribed thusly:
RK>G'day all,
RK>
RK>I have been asked to implement a system of fall through
RK>authentication for my workplaces proxies. I was wondering
RK>if anyone had managed to do this?
Yup.
I asked essentially the same question a few days ago, and Henrik Nordstrom
was kind enough to post two methods. Adapting the one I chose to your
situation, you might try something like:
#!/usr/local/bin/perl -w
use IPC::Open2;
open2(*read1,*write1,"/urs/local/squid/bin/squid_ldap_auth ldap1.monash.edu.au");
open2(*read2,*write2,"/usr/local/squid/bin/squid_ldap_auth ldap2.monash.edu.au");
while (<>) {
print write1 $_; $ans = <read1>;
if ($ans =~ /^OK/) { print $ans; next; }
print write2 $_; $ans = <read2>;
if ($ans =~ /^OK/) { print $ans; next; }
print $ans;
}
RK>By Fall-through:
RK>
RK>Squid receives a request for a page;
RK> checks ACL's and finds authentication required
RK> if Authentication comes back negative
RK> (either not found/ incorrect)
RK> use next authentication method.
RK>
RK>More specifically the first authentication method is a
RK>ldap directory mounted locally and the second authentication
RK>call is to the central ldap server which the local ldap's are
RK>refreshed from.
This should do exactly what you asked for.
c
-- Cliff Green green@umdnj.edu Academic Computing Service UMDNJReceived on Fri Apr 14 2000 - 08:59:13 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:52:56 MST