RE: [squid-users] proxy authentication/system access

Excellent. I got it to work pretty easily, just wasn't too sure whether the
auth program would send back the user id to use in another ACL.

Thanks!

-----Original Message-----
From: Henrik Nordstrom [mailto:hno@squid-cache.org]
Sent: Monday, December 01, 2003 6:27 PM
To: John Hally
Cc: 'squid-users@squid-cache.org'
Subject: Re: [squid-users] proxy authentication/system access

On Mon, 1 Dec 2003, John Hally wrote:

> I have Squid acting as a proxy and using webmin to control access via
> login/pwd. What I'd like to do is to further limit the user so that they
> can only use the proxy to access certain web servers. I'm guessing that
> I'll have to use something else to authenticate against other than the
> webmin authentication scheme. Has anyone done something similar?

authentication and authorization is different concepts..

I am not a webmin user but you do this by

a) Defining the authentication scheme an helper, allowing Squid to verify
the users authentication credentials (login+password for basic
authentication). This is done with the auth_param directive.

b) Defining access controls telling what users are allowed to request what
when. This is done by the auth_param directive by combining acl
definitions defined by the acl directive.

See the Squid FAQ on access control.

Regards
Henrik
Received on Tue Dec 02 2003 - 09:04:00 MST