Revision: 6016
http://ipcop.svn.sourceforge.net/ipcop/?rev=6016&view=rev
Author: owes
Date: 2011-10-31 20:52:17 +0000 (Mon, 31 Oct 2011)
Log Message:
-----------
Proxy text for referer and authentication. Authentication far from complete and
seperated into new chapter.
Modified Paths:
--------------
IPCopDoc/trunk/en/admin/xml/services.xml
Modified: IPCopDoc/trunk/en/admin/xml/services.xml
===================================================================
--- IPCopDoc/trunk/en/admin/xml/services.xml 2011-10-31 20:50:44 UTC (rev
6015)
+++ IPCopDoc/trunk/en/admin/xml/services.xml 2011-10-31 20:52:17 UTC (rev
6016)
@@ -720,57 +720,142 @@
</sect3>
<sect3 id="services-webproxy-privacy">
<title>Privacy</title>
- <formalpara>
- <title><guilabel>Fake useragent submitted to external
sites</guilabel> (optional)</title>
- <para>
- Content to be written...
- </para>
- </formalpara>
- <formalpara>
- <title><guilabel>Fake referer submitted to external
sites</guilabel> (optional)</title>
- <para>
- Content to be written...
- </para>
- </formalpara>
+ <para>This allows the modification of some HTTP header fields to
protect your privacy.</para>
+ <formalpara>
+ <title><guilabel>Fake useragent submitted to external
sites</guilabel> (optional)</title>
+ <para>
+ By default, the useragent of the currently used web
browser will be submitted
+ to external web servers. Some dynamic websites generate
the content depending
+ on the submitted useragent string. This string will also
be logged to the Web
+ Server log files.
+ </para>
+ </formalpara>
+ <para>
+ With the <quote>Fake useragent</quote> option you have the
ability to rewrite this
+ string for all your clients. For outgoing requests the
useragent header field will
+ be changed by the Proxy Server and submitted to external sites
instead of the
+ original useragent string. This can be useful to protect your
privacy or to enforce
+ a desired level of compatibility.
+ </para>
+ <formalpara>
+ <title><guilabel>Fake referer submitted to external
sites</guilabel> (optional)</title>
+ <para>
+ When clicking a hyperlink, the source URL will be
submitted to the destination
+ website. This can be turned off by entering a user defined
string. This string
+ will be submitted instead of the real referring URL. This
can be useful to
+ protect your privacy.
+ <note><para>
+ Modifying the referer violates the HTTP standard and may
sometimes lead to
+ difficulties. Some websites are blocking requests with an
invalid referer to
+ protect themselves against so called deep links or the
abuse by
+ <quote>stealing</quote> graphics from their website.
+ </para></note>
+ </para>
+ </formalpara>
</sect3>
+
<sect3 id="services-webproxy-authentication">
<title>Authentication method</title>
+ <para>
+ The Web Proxy offers several methods for user authentication.
+ </para>
+
+ <para>
+ <figure id="v2.services.007">
+ <title>Web proxy - Privacy & Authentication Method
Sections</title>
+ <mediaobject>
+ <imageobject role="fo">
+ <imagedata fileref="&imagepath;proxy6.&imageext;"
+ format="PNG"
+ contentwidth="14cm"/>
+ </imageobject>
+ <imageobject role="html">
+ <imagedata fileref="&imagepath;proxy6.&imageext;"
format="PNG" align="center"/>
+ </imageobject>
+ <textobject>
+ <phrase>HTTP Web Proxy Page</phrase>
+ </textobject>
+ </mediaobject>
+ </figure>
+ </para>
+
<formalpara>
- <title><guilabel>None</guilabel> (default)</title>
- <para>
- Content to be written...
- </para>
+ <title><guilabel>None</guilabel> (default)</title>
+ <para>
+ Authentication is disabled. Users do not need to authenticate
when accessing web sites.
+ </para>
</formalpara>
<formalpara>
- <title><guilabel>Local</guilabel></title>
- <para>
- Content to be written...
- </para>
+ <title><guilabel>Local</guilabel></title>
+ <para>
+ This authentication method is the preferred solution for SOHO
environments. Users need
+ to authenticate when accessing web sites by entering a valid
username and password.
+ See the <link linkend="proxy-auth-local">Local Proxy
Authentication</link> section for
+ further information.
+ </para>
+ </formalpara>
+ <formalpara>
+ <title><guilabel>identd</guilabel></title>
+ <para>
+ This authentication method is the preferred solution for
environments where
+ <itemizedlist>
+ <listitem><para>
+ Authentication must be a <quote>hidden</quote> process
without entering username
+ and password
+ </para></listitem>
+ <listitem><para>
+ Proxy service must operate in transparent mode
+ </para></listitem>
+ <listitem><para>
+ Usernames will be used only for logging rather than for
authentication
+ </para></listitem>
+ </itemizedlist>
+ The identd authentication method requires an identd service or
daemon running on the client.
+ See the <link linkend="proxy-auth-identd">identd
Authentication</link> section for
+ further information.
+ </para>
</formalpara>
<formalpara>
- <title><guilabel>identd</guilabel></title>
- <para>
- Content to be written...
- </para>
+ <title><guilabel>LDAP</guilabel></title>
+ <para>
+ This authentication method is the preferred solution for
medium and large network
+ environments. Users will have to authenticate when accessing
web sites by entering a
+ valid username and password. The credentials are verified
against an external Server
+ using the Lightweight Directory Access Protocol (LDAP).
+ </para>
</formalpara>
+ <para>
+ LDAP authentication will be useful if you have already a
directory service in your
+ network and do not want to maintain additional user accounts
and passwords for web
+ access. See the <link linkend="proxy-auth-ldap">LDAP
Authentication</link> section for
+ further information.
+ </para>
<formalpara>
- <title><guilabel>LDAP</guilabel></title>
- <para>
- Content to be written...
- </para>
+ <title><guilabel>Windows</guilabel></title>
+ <para>
+ This authentication method is the preferred solution for small
and medium network
+ environments. Users will have to authenticate when accessing
web sites. The credentials
+ are verified against an external Server acting as a Domain
Controller.
+ See the <link linkend="proxy-auth-windows">Windows
Authentication</link> section for
+ further information.
+ </para>
</formalpara>
<formalpara>
- <title><guilabel>Windows</guilabel></title>
- <para>
- Content to be written...
- </para>
+ <title><guilabel>RADIUS</guilabel></title>
+ <para>
+ This authentication method is the preferred solution for small
and medium network
+ environments. Users will have to authenticate when accessing
web sites. The credentials
+ are verified against an external RADIUS server.
+ See the <link linkend="proxy-auth-radius">RADIUS
Authentication</link> section for
+ further information.
+ </para>
</formalpara>
- <formalpara>
- <title><guilabel>RADIUS</guilabel></title>
- <para>
- Content to be written...
- </para>
- </formalpara>
+
+ <note><para>When using authentication and enabling the web
proxy log files,
+ the requesting user name will be logged in addition to the
requested URL.
+ Before enabling log files while using authentication, make
sure not to violate
+ existing laws.</para></note>
+
</sect3>
<sect3 id="services-webproxy-clearcache">
<title>Clear Cache/Save</title>
@@ -789,24 +874,6 @@
<guibutton>Save</guibutton> button to apply them.
</para>
</formalpara>
- <para>
- <figure id="v2.services.007">
- <title>Web proxy - Privacy & Authentication Method
Sections</title>
- <mediaobject>
- <imageobject role="fo">
- <imagedata fileref="&imagepath;proxy6.&imageext;"
- format="PNG"
- contentwidth="14cm"/>
- </imageobject>
- <imageobject role="html">
- <imagedata fileref="&imagepath;proxy6.&imageext;"
format="PNG" align="center"/>
- </imageobject>
- <textobject>
- <phrase>HTTP Web Proxy Page</phrase>
- </textobject>
- </mediaobject>
- </figure>
- </para>
</sect3>
</sect2>
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
------------------------------------------------------------------------------
Get your Android app more play: Bring it to the BlackBerry PlayBook
in minutes. BlackBerry App World™ now supports Android™ Apps
for the BlackBerry® PlayBook™. Discover just how easy and simple
it is! http://p.sf.net/sfu/android-dev2dev
_______________________________________________
Ipcop-svn mailing list
Ipcop-svn@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipcop-svn
