Squid authentication
Skylar Thompson
skylar at cs.earlham.edu
Wed Aug 18 21:36:42 UTC 2004
On Fri, Aug 13, 2004 at 11:20:19AM -0300, Marcelo Magno wrote:
>
> I read that by ACLs in the squid configuration we can block some sites
> and block some user ips from accessing the cache, (and by that prevent
> some users not to access the internet).
>
> I have a problem that I need to configure how a PERSON can access the
> internet, not am IP because the same machine is shared by two or more
> users.
>
> Is there a way to have squid to give (or not) access based on groups on
> a windows domain like samba does with winbind?
>
> Can anyone point me some docs on how this is done?
Oops. Forgot the script. Here it is.
--
-- Skylar Thompson (skylar at cs.earlham.edu)
-- http://www.cs.earlham.edu/~skylar/
-------------- next part --------------
#!/usr/bin/env python
from imaplib import IMAP4
import sys
#IMAP server against which we authenticate
server="imap.cs.earlham.edu"
#Port number for IMAP server. Usually 143
port=143
#Below here you shouldn't need to edit anything
while 1:
#Read user and password from stdin, remove the newline, split at the space
#and assign to the user and password variables
line=sys.stdin.readline()[:-1]
[user,password]=line.split(' ')
#Connect to the IMAP server
p=IMAP4(server,port)
#Try to authenticate. If it doesn't work, it throws an exception
try:
p.login(user,password)
except:
#If it threw an exception, log in cache.log the auth booboo
sys.stderr.write("ERR authenticating %s\n"%user)
#Then deny access
sys.stdout.write("ERR\n")
#IMPORTANT!!!!!!!!!!!! Flush stdout
sys.stdout.flush()
continue
#If it didn't throw exceptions, that means it authenticated
#Log success to cache.log
sys.stderr.write("OK authenticated %s\n"%user)
#Then allow access
sys.stdout.write("OK\n")
sys.stdout.flush()
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20040818/ab75edb4/attachment-0001.sig>
More information about the fedora-list
mailing list