Re: [squid-users] Authentication Hack

From: Adrian Chadd <adrian@dont-contact.us>
Date: Sat, 1 Mar 2008 12:44:55 +0900

look at external acl helpers. You may find what you're looking for.

Adrian

On Fri, Feb 29, 2008, Dave Coventry wrote:
> I understand that transparent proxy cannot ask the browser for
> Authentication because the browser is not aware of the existence of
> the proxy.
>
> I can't believe that there is not a work-around for this...
>
> I have several laptops on my network which are used on other networks,
> so I need the connection through the proxy to be "automagic" to the
> extent that I don't need to ask my CEO to reconfigure his browser
> everytime he comes into the office. But I also need to be able to
> track web usage.
>
> I have thought up a hack involving the following:
> I can set up a file containing an ip address on each line /etc/squid/iplist.
>
> Then I set up the squid.conf to have the following line:
>
> acl authorisedip src "/etc/squid/iplist"
>
> I changed the ERR_ACCESS_DENIED file to contain a form which calls a
> perl program (catchip.pl) passing it a username and password which, if
> correct, appends the user's ip to the /etc/squid/iplist file.
> (removing the IP when the user closes his browser would be trickier).
>
> However, this all falls down because it appears that the file is only
> parsed on startup which sort of subverts it's usefulness.
>
> I can't believe that this avenue has not been fully explored. Can
> anyone comment on this hack?
>
> Is there a simpler method of getting this done?

-- 
- Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support -
- $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -
Received on Fri Feb 29 2008 - 20:30:57 MST

This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:06 MST