Lock down WWW Access
Paul Dwerryhouse
paul at dwerryhouse.com.au
Mon Feb 27 00:54:09 UTC 2006
On Fri, Feb 24, 2006 at 04:52:00PM -0800, Job Cacka wrote:
> 2. Have the option to allow or deny WWW access per login. Without
> restricing local browser functionality.
Force your users to use a squid proxy server that requires
authentication the first time that they access websites outside your
local network. Then, there's a number of ways you could deny access to
specific users.
Given that I tend to use LDAP for authentication, I'd probably use an
LDAP-filter based method to allow users in. Alternatively, a quick look
at squid's config file suggests that acls can be used to allow or deny
users based on login name.
Cheers,
Paul
--
Paul Dwerryhouse | PGP Key ID: 0x6B91B584
========================================================================
Building Java RPMS for Redhat Enterprise Linux:
http://nepotismia.com/redhat/java/
More information about the redhat-list
mailing list