On 20/9/2011 4:53 μμ, Luis Daniel Lucio Quiroz wrote:
c) you may relay secure auth with radius+https, after auth sucessful with a browser that client ip shall surf
Hi Luis, Please give me some details on the radius scenario:How does this relaying of radius authentication should be setup? Here is my understanding:
My radius server is at radius.example.com and squid is at myproxy.example.com. On radius.example.com we define myproxy.example.com as a client (with a secret). Now squid can authenticate a user to radius (through the squid_radius_auth helper).
So, let's say we create a php page with a login form (asking for user's username/password), accessible via https, and we host it at mywebserver.example.com (or we must host it at the same machine where squid is running, that is: myproxy.example.com?); this form (i.e. the application using the form), when posted by a client browser, should submit user's credentials to *squid* (i.e. to myproxy.example.com and *not* to radius.example.com) for authentication check? Then, if successful, the client browser can use squid as a proxy?
Thanks, Nick
smime.p7s
Description: S/MIME Cryptographic Signature
