This is a discussion on Re: [squid-users] LDAP Authentication storage issue - squid ; Tim Bernhardson wrote: > The IP Address of the PC that the user is logged onto is stored in the > LDAP DB (if you run an LDAP Query on a logged in user, you should see a > field ...
Tim Bernhardson wrote:
> The IP Address of the PC that the user is logged onto is stored in the
> LDAP DB (if you run an LDAP Query on a logged in user, you should see a
> field called networkAddress. With a little research, you could probably
> write a helper(or tweak the current ldap one) to use this information
> for authentication...
> I.E. A request comes in, grab the IP Address of the Client & formulate
> an LDAP Query to find if there is a user logged on at that IP Address
> and if there is allow them access..
> Tim Bernhardson
There is a cool tool call averist that does almost exactly what you want. It's missing the Squid integration.
It's a perl module, which makes for easy hacking, too. If you want to investigate, check out:
(don't let the domain name fool you)
> Senior Technical Engineer
> Certified Citrix Metaframe Administrator
> Certified CyberGuard Administrator
> Certified AIX 4.3 System Administrator
> Sun-Maid Growers of California
> 7273 Murray Drive, Ste 18
> Stockton, CA 95210
> tbernhar at sunmaid dot com
01/08/04 08:27AM >>>
> I am using LDAP to authenticate to Novell E-Dir with Squid for Internet
> access. It is working perfectly, however our management and users do
> not like the fact that when the browser is closed down and reopened,
> they have to authenticate again. They are whining because they do not
> want to have to type in their name when they open the browser several
> times a day.
> I need a way to store the authentication so that they will remain
> authenticated and not be challenged by the Squid server when they open a
> new browser for a period of 4 hours. Yes I know that this is defeating
> the purpose of security and authentication, but this is my direction.