Lock down WWW Access
A.Fadyushin at it-centre.ru
A.Fadyushin at it-centre.ru
Mon Feb 27 09:26:41 UTC 2006
I think you should use squid together with Samba, so squid will ask the
Samba authentication helper with user authentication questions and that
helper will verify user's credentials and return the result to squid.
See the description of this configuration at:
http://www.squid-cache.org/Doc/FAQ/FAQ-23.html#ss23.5
Alexey Fadyushin
Brainbench MVP for Linux
http://www.brainbench.com
> -----Original Message-----
> From: redhat-list-bounces at redhat.com [mailto:redhat-list-
> bounces at redhat.com] On Behalf Of Bliss, Aaron
> Sent: Monday, February 27, 2006 3:57 AM
> To: Paul Dwerryhouse; redhat-list at redhat.com
> Subject: RE: Lock down WWW Access
>
> Does anyone know if I can use pass thru authentication with squid?
I'm
> running AD on the windows side of the house, and would like it so that
> my users wouldn't have to manually enter their AD credentials when
> browsing the web. Thanks for your help.
>
> Aaron
>
> -----Original Message-----
> From: redhat-list-bounces at redhat.com
> [mailto:redhat-list-bounces at redhat.com] On Behalf Of Paul Dwerryhouse
> Sent: Sunday, February 26, 2006 7:54 PM
> To: redhat-list at redhat.com
> Subject: Re: Lock down WWW Access
>
> On Fri, Feb 24, 2006 at 04:52:00PM -0800, Job Cacka wrote:
> > 2. Have the option to allow or deny WWW access per login. Without
> > restricing local browser functionality.
>
> Force your users to use a squid proxy server that requires
> authentication the first time that they access websites outside your
> local network. Then, there's a number of ways you could deny access to
> specific users.
>
> Given that I tend to use LDAP for authentication, I'd probably use an
> LDAP-filter based method to allow users in. Alternatively, a quick
look
> at squid's config file suggests that acls can be used to allow or deny
> users based on login name.
>
> Cheers,
>
> Paul
>
>
> --
> Paul Dwerryhouse | PGP Key ID: 0x6B91B584
>
========================================================================
> Building Java RPMS for Redhat Enterprise Linux:
> http://nepotismia.com/redhat/java/
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
>
>
> www.preferredcare.org
> "An Outstanding Member Experience," Preferred Care HMO Plans -- J. D.
> Power and Associates
>
> Confidentiality Notice:
> The information contained in this electronic message is intended for
the
> exclusive use of the individual or entity named above and may contain
> privileged or confidential information. If the reader of this message
is
> not the intended recipient or the employee or agent responsible to
deliver
> it to the intended recipient, you are hereby notified that
dissemination,
> distribution or copying of this information is prohibited. If you
have
> received this communication in error, please notify the sender
immediately
> by telephone and destroy the copies you received.
>
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
More information about the redhat-list
mailing list