Squid authentication

Skylar Thompson skylar at cs.earlham.edu
Wed Aug 18 21:36:42 UTC 2004 

On Fri, Aug 13, 2004 at 11:20:19AM -0300, Marcelo Magno wrote:
> 
> I read that by ACLs in the squid configuration we can block some sites
> and block some user ips from accessing the cache, (and by that prevent
> some users not to access the internet).
> 
> I have a problem that I need to configure how a PERSON can access the
> internet, not am IP because the same machine is shared by two or more
> users.
> 
> Is there a way to have squid to give (or not) access based on groups on
> a windows domain like samba does with winbind?
> 
> Can anyone point me some docs on how this is done?

Oops. Forgot the script. Here it is.

-- 
-- Skylar Thompson (skylar at cs.earlham.edu)
-- http://www.cs.earlham.edu/~skylar/
-------------- next part --------------
#!/usr/bin/env python

from imaplib import IMAP4
import sys


#IMAP server against which we authenticate
server="imap.cs.earlham.edu"
#Port number for IMAP server. Usually 143
port=143


#Below here you shouldn't need to edit anything

while 1:

	#Read user and password from stdin, remove the newline, split at the space
	#and assign to the user and password variables

	line=sys.stdin.readline()[:-1]
	[user,password]=line.split(' ')

	#Connect to the IMAP server

	p=IMAP4(server,port)

	#Try to authenticate. If it doesn't work, it throws an exception

	try:
		p.login(user,password)
	except:

		#If it threw an exception, log in cache.log the auth booboo
		sys.stderr.write("ERR authenticating %s\n"%user)
		#Then deny access
		sys.stdout.write("ERR\n")
		#IMPORTANT!!!!!!!!!!!! Flush stdout
		sys.stdout.flush()
		continue

	#If it didn't throw exceptions, that means it authenticated

	#Log success to cache.log
	sys.stderr.write("OK authenticated %s\n"%user)
	#Then allow access
	sys.stdout.write("OK\n")
	sys.stdout.flush()
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20040818/ab75edb4/attachment-0001.sig>

More information about the fedora-list mailing list