Re: [squid-users] Access control by user age

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Sun, 26 Apr 2009 13:10:23 +1200

Christian Tosta wrote:
> Hello list,
>
> For a time I'm searching web and squid lists for a solution for my case.
> I need to check users age when they try to access some sites like Orkut.
> In our environment we have a LDAP directory when user data is stored and
> I can search for user personal data. I found the external_acl is the best way
> to do this. IP-AUTH solution seens to help, but in our case we use thin-clients
> and have all the same ip of server. Transparent proxy is configured to avoid
> users deconfigure browser proxy settings and skip proxy rules. Someone can
> have a idea how can I implement this?

1) block web access for the people sending requests to the squid
interception catching port. Send them to a page indicating they require
the proxy settings and how to set back to the correct values.

2) implement WPAD to let people use 'auto-detect' in their browser
instead of explicit settings. Will reduce the chances of people seeing
the proxy issued and thinking to remove. Also reduces maintenance
hassles when proxy changes.

3) configure regular user auth alongside the external helper checking ages.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE6 or 3.0.STABLE14
   Current Beta Squid 3.1.0.7
Received on Sun Apr 26 2009 - 01:10:39 MDT

This archive was generated by hypermail 2.2.0 : Sun Apr 26 2009 - 12:00:02 MDT