Hi Ian, Thanks for the response; I'll try posing my question on that list as well.
I will try to get apache's auth stuff to work with proxying; the thing is, I want users to be able to point to http://my.proxy.edu:81, get authenticated, be able to select a printer address from a list, and then have their traffic go through the proxy, to the printer, and back. For another project I've used a cookie scheme similar to what you suggested, but our network person wants to make it more secure. I'll keep working on it, and thank you again. Best, Andrew Andrew Musselman [EMAIL PROTECTED] >>> [EMAIL PROTECTED] 08/17/05 12:51 PM >>> Hi Andrew. I'm sure these kind of questions are best answered on httpd- [EMAIL PROTECTED] there are two options here. you can either use apaches authentication handling, which will prompt you with a dialog for a user/password OR you can use rewrite and do a cookie check which redirects non-cookied people to a special page which does the LDAP lookup and cookie setting. Some people @ columbia wrote a module called mod_auth_pamacea does this I believe. the only caveats I see with it are :- it is GPL :- the session manager it uses is file based, which won't scale (their words) but you could change the session manager to use a mysql DB or somesuch if you need scalability regards Ian On 18/08/2005, at 3:30 AM, Andrew Musselman wrote: > Well, after searching the archive more I found some usage questions; > hence I will post my own :) > > We are trying to shut down web access to all our networked printers on > campus "the easy way": set up a proxy server through which only > selected people can access the printers. The authentication can be > done > using LDAP. > > A couple of methods have been suggested, and I am researching them > now: > (1) mod_ssl + mod_auth_ldap + mod_proxy > (2) mod_ssl + mod_authz_ldap + mod_proxy > (3) mod_ssl + A nice little PHP login page that queries LDAP before > turning things over to mod_proxy. > > So far I have had success with setting up a virtual host as a forward > proxy and with activating SSL for LDAP queries through a login > page, but > I'm really confused about something: how could I set things up so > users > visit some login page, their credentials are checked through LDAP, and > then they are forwarded to the printer they want? > > Does anyone have any suggestions, or has anyone tried this and gotten > anywhere? Thanks for your time. > > Best, > Andrew > > > Andrew Musselman > [EMAIL PROTECTED] > > >>>> [EMAIL PROTECTED] 8/17/2005 9:56 AM >>> >>>> > Hello-- > > I have some questions that are not development questions, but I > couldn't find a list for just the use of mod_proxy. Does anyone know > of > a list that might be appropriate? > > Thank you, > Andrew > > Andrew Musselman > [EMAIL PROTECTED] > -- Ian Holsman Director Network Management Systems CNET Networks PH: 415-344-2608 (USA) /(++61) 3-9877-0909 (Australia)
