The IP Address of the PC that the user is logged onto is stored in the
LDAP DB (if you run an LDAP Query on a logged in user, you should see a
field called networkAddress. With a little research, you could probably
write a helper(or tweak the current ldap one) to use this information
for authentication...

I.E. A request comes in, grab the IP Address of the Client & formulate
an LDAP Query to find if there is a user logged on at that IP Address
and if there is allow them access..

Tim Bernhardson
Senior Technical Engineer
Certified Citrix Metaframe Administrator
Certified CyberGuard Administrator
Certified AIX 4.3 System Administrator
Sun-Maid Growers of California
7273 Murray Drive, Ste 18
Stockton, CA 95210

tbernhar at sunmaid dot com

>>> "Craig Sharp" 01/08/04 08:27AM >>>


I am using LDAP to authenticate to Novell E-Dir with Squid for Internet
access. It is working perfectly, however our management and users do
not like the fact that when the browser is closed down and reopened,
they have to authenticate again. They are whining because they do not
want to have to type in their name when they open the browser several
times a day.

I need a way to store the authentication so that they will remain
authenticated and not be challenged by the Squid server when they open a
new browser for a period of 4 hours. Yes I know that this is defeating
the purpose of security and authentication, but this is my direction.