Re: [squid-users] Transparent Proxy and NT Authentication

From: Matus UHLAR - fantomas <uhlar@dont-contact.us>
Date: Wed, 19 Mar 2008 11:30:45 +0100

On 18.03.08 12:44, Nick Duda wrote:
> I know with older squid versions, you could not query AD/LDAP for
> authentication using a transparent setup. I want to be able to have the
> clients gateway point to the proxy and autnehticate them based on AD (like
> I do now in a non-transparent setup). Then obviously when authenticated
> forward 80/443 to its local 3128 (iptables for this) and anything else to
> another gateway, the core router.
>
> Can this be done with 2.6?

the impossibility of authenticating intercepted users does not come from
squid version, but from the principle. You only can "authenticate" user by
querying some service that tells you which user is logged in given IP. No
browser will authenticate to a proxy if it thinks there is no proxy...

-- 
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The 3 biggets disasters: Hiroshima 45, Tschernobyl 86, Windows 95
Received on Wed Mar 19 2008 - 04:30:50 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Apr 01 2008 - 13:00:05 MDT