Re: [squid-users] login screen

From: Joe Cooper <joe@dont-contact.us>
Date: Fri, 21 Jun 2002 19:59:34 -0500

Not without custom programming.

The key part of this is that your CGI must update the database in
realtime, while the redirector must consult the database to check
whether the user has logged in (and if not, they should be redirected to
the login page).

Another slightly difficult part of the equation is timeouts--i.e. how
long between accesses does the IP go out of the list of authenticated
users? And how does it get updated? Most likely the redirector also
needs to have write access to the database in order to expire users who
haven't accessed in X minutes (a simple "Last-accessed" field in the
database can handle this, but maybe not in the most efficient way, since
it has to be updated on every request).

SquidGuard does use a backend database, but it has no notion of
timeouts, nor the ability to modify the backend database.

It would probably be easiest to start from scratch, rather than
modifying SquidGuard, which was never designed with the plan of
replacing authentication. Then again, if you also need the
functionality of SquidGuard, you'll likely want to start there and build
on it.

Ryan Hairyes wrote:
>>b) Writing a redirector or external_acl helper to Squid that uses this
>>database to authorize the request.
>>
>
> would something like squidGuard work for this????

-- 
Joe Cooper <joe@swelltech.com>
Web caching appliances and support.
http://www.swelltech.com
Received on Fri Jun 21 2002 - 19:00:46 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:45 MST