Re: [squid-users] SSO and Squid, SAML 2.0 ?

2016-10-07 Thread FredB
> I am aware of folks successfully using certificate-based > authentication > in production today, but they are still running v3.3-based code (plus > many patches). I am not aware of any regressions in that area, but > since > there is no adequate regression testing, Amos is right: YMMV. > >

Re: [squid-users] SSO and Squid, SAML 2.0 ?

2016-10-06 Thread Alex Rousskov
On 10/06/2016 04:17 AM, Amos Jeffries wrote: > On 6/10/2016 9:57 p.m., FredB wrote: >> I can authenticate a user to squid with a certificate ? >> If yes the user name can be saved in squid log file ? > I'm not aware of anyone actually using that feature in the a long time > though. So YMMV. I

Re: [squid-users] SSO and Squid, SAML 2.0 ?

2016-10-06 Thread Amos Jeffries
On 6/10/2016 9:57 p.m., FredB wrote: > Hello, > > I found no way to do that, so I changed my mind > I can authenticate a user to squid with a certificate ? I'm thinking about a > smart card > > If yes the user name can be saved in squid log file ? > aking a Maybe. There is some very old

Re: [squid-users] SSO and Squid, SAML 2.0 ?

2016-10-06 Thread FredB
Hello, I found no way to do that, so I changed my mind I can authenticate a user to squid with a certificate ? I'm thinking about a smart card If yes the user name can be saved in squid log file ? Thanks Fred ___ squid-users mailing list

Re: [squid-users] SSO and Squid, SAML 2.0 ?

2016-09-23 Thread FredB
> > > Proxies only support "HTTP authentication" methods: Basic, Digest, > NTLM ,etc. So you either have to use one of those, or perhaps "fake" > the creation of one of those...? > > > eg you mentioned SAML, but gave no context beyond saying you didn't > want AD. So let's say SAML is a

Re: [squid-users] SSO and Squid, SAML 2.0 ?

2016-09-22 Thread Jason Haar
On Tue, Sep 20, 2016 at 8:39 PM, FredB wrote: > I'm searching a way to use a secure SSO with Squid, how did you implement > the authenticate method with an implicit proxy ? > I'm reading many documentations about SAML, but I found nothing about Squid > > I guess we can only do

Re: [squid-users] SSO and Squid, SAML 2.0 ?

2016-09-21 Thread FredB
> Hi Fred, > I assume that by "implicit" you mean "transparent" or > "interception". Short answer, not possible: there is nothing to > anchor > cookies to. It could be possible to fake it by having an auxiliary > website doing standard SAML and feeding a database of associations > userid-ip. It

Re: [squid-users] SSO and Squid, SAML 2.0 ?

2016-09-20 Thread Kinkie
Hi Fred, I assume that by "implicit" you mean "transparent" or "interception". Short answer, not possible: there is nothing to anchor cookies to. It could be possible to fake it by having an auxiliary website doing standard SAML and feeding a database of associations userid-ip. It will fail to

Re: [squid-users] SSO and Squid, SAML 2.0 ?

2016-09-20 Thread FredB
I forgot, if possible a method without active directory ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users