Lock down WWW Access

Bliss, Aaron ABliss at preferredcare.org
Mon Feb 27 00:57:01 UTC 2006 

Does anyone know if I can use pass thru authentication with squid?  I'm
running AD on the windows side of the house, and would like it so that
my users wouldn't have to manually enter their AD credentials when
browsing the web.  Thanks for your help.

Aaron 

-----Original Message-----
From: redhat-list-bounces at redhat.com
[mailto:redhat-list-bounces at redhat.com] On Behalf Of Paul Dwerryhouse
Sent: Sunday, February 26, 2006 7:54 PM
To: redhat-list at redhat.com
Subject: Re: Lock down WWW Access

On Fri, Feb 24, 2006 at 04:52:00PM -0800, Job Cacka wrote:
>  2. Have the option to allow or deny WWW access per login. Without 
> restricing local browser functionality.

Force your users to use a squid proxy server that requires
authentication the first time that they access websites outside your
local network. Then, there's a number of ways you could deny access to
specific users.

Given that I tend to use LDAP for authentication, I'd probably use an
LDAP-filter based method to allow users in. Alternatively, a quick look
at squid's config file suggests that acls can be used to allow or deny
users based on login name.

Cheers,

Paul


-- 
Paul Dwerryhouse				| PGP Key ID: 0x6B91B584
========================================================================
Building Java RPMS for Redhat Enterprise Linux:
http://nepotismia.com/redhat/java/

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list



www.preferredcare.org
"An Outstanding Member Experience," Preferred Care HMO Plans -- J. D. Power and Associates

Confidentiality Notice:
The information contained in this electronic message is intended for the exclusive use of the individual or entity named above and may contain privileged or confidential information.  If the reader of this message is not the intended recipient or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that dissemination, distribution or copying of this information is prohibited.  If you have received this communication in error, please notify the sender immediately by telephone and destroy the copies you received.

More information about the redhat-list mailing list