Re: [squid-users] Session Tracking

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Fri, 16 Sep 2011 00:06:20 +1200

On 15/09/11 15:33, Matt Cochran wrote:
> I'd like to be able to 'lightly' authenticate my users with an
> external login process/web application, I say lightly because
> security isn't as important as distinguishing between users coming
> from the same NAT'd IP address. Is there either a way to set a
> session ID that can be read from the Squid process, or is there a
> better way to distinguish between users like this?

With great difficulty.

You can write (find?) an external ACL helper to accept the Cookie header
and process it for a session ID and present that back to Squid as a
user= or tag= key value.

Why does the NAT'd IP address matter that much? relying on cookies will
still fail if the user does not want you to get any cookies from them,
or if they are fetching cached content from Squid.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.15
   Beta testers wanted for 3.2.0.11
Received on Thu Sep 15 2011 - 12:06:24 MDT

This archive was generated by hypermail 2.2.0 : Thu Sep 15 2011 - 12:00:02 MDT