> It is about time to start thinking about how to implement external
> groups.
>
> As discussed earlier (see squid.sourceforge.net/ntlm/ for one achive)
> two concepts are needed
>
> a) Groups as returned by the authenticator
This requires us to extend the squid-authenticators protocol.
Not that big a deal for NTLM, but the basic authenticators use a way
too much primitive protocol.
> b) Other groups, verified by a separate helper using
> "ident/login, IP,
> browser"
I'd like this. Esp since it would allow for very aggressive caching, and
thus
good performance.
>
> 'b' is fairly straight forward to implement, but I am not very familar
> with the auth code changes needed for 'a' but I guess it shouldn't be
> too hard to add...
>
> I think both should match a single ACL type "group" if possible.
Robert already answered on this one, I'll comment on his reply.
-- /kinkieReceived on Thu Jul 05 2001 - 02:45:54 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:14:05 MST