Re: [squid-users] transparent proxy and authentication

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Tue, 5 Aug 2003 11:18:37 +0200

On Tuesday 05 August 2003 09.30, Chettawan Senapant. wrote:

> transparent proxy. But suppose I have some firewall box or some
> thing that do firewalling routing and Authentication placed between
> backbone and proxy then set the policy says �whoever want to access
> the proxy server need to be authen on this URL first�. Is this the
> possible solution ? and if it ,which software or firewall can do
> that especially open source :)

This has been discussed over and over again. What you need is

a) A point in your network where unauthorized stations get redirected
to a authentication page

b) A web server which manages the authentication page.

c) A database/registry of some kind keeping track of authorized
stations, and expiring stations when they should no longer have
access.

'a' can be a firewall, or Squid via a external acl helper (queries
'c') + deny_info (redirects).

'b' The authentication page needs to reside on some web server of some
kind and needs to talk to the database in 'c'.

'c' is well.. a database/registry of some kind. What kind is not very
important, what is important is that 'a' and 'b' can both make use of
this to keep track of which stations are authorized to access the
Internet.

-- 
Donations welcome if you consider my Free Squid support helpful.
https://www.paypal.com/xclick/business=hno%40squid-cache.org
If you need commercial Squid support or cost effective Squid or
firewall appliances please refer to MARA Systems AB, Sweden
http://www.marasystems.com/, info@marasystems.com
Received on Tue Aug 05 2003 - 03:19:26 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:36 MST