[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Lock down WWW Access



On Fri, Feb 24, 2006 at 04:52:00PM -0800, Job Cacka wrote:
>  2. Have the option to allow or deny WWW access per login. Without
> restricing local browser functionality.

Force your users to use a squid proxy server that requires
authentication the first time that they access websites outside your
local network. Then, there's a number of ways you could deny access to
specific users.

Given that I tend to use LDAP for authentication, I'd probably use an
LDAP-filter based method to allow users in. Alternatively, a quick look
at squid's config file suggests that acls can be used to allow or deny
users based on login name.

Cheers,

Paul


-- 
Paul Dwerryhouse				| PGP Key ID: 0x6B91B584
========================================================================
Building Java RPMS for Redhat Enterprise Linux:
http://nepotismia.com/redhat/java/



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]