Greetings, I am writing to you as a Nufw developper. Nufw is, shortly said, a users-aware firewall, released on GPL v2. Basically, it marks any (TCP and others) connections with a user id. This leads to (hopefully) interesting perspectives in terms of transparent users identification/authentication.
Right now, an apache module exists, which lets users be identified to an Apache server, without any interactive login/password prompt. More details about the nufw project can be found at www.nufw.org. Anyway, this email is not about Nufw, sorry about this too long introduction. In a view to create a SSO authentication solution (based on nufw) for Squid, we need to build an authentication module for squid. It needs the following informations from squid : (source IP, source Port, destination IP, destination port), all these about the connection from the browser/client to the Squid server. In the nufw point of view, user should not be prompted with username/password (or maybe in a second period, if user cannot be identified through Nufw). I have read this thread : http://www.mail-archive.com/[EMAIL PROTECTED]/msg01881.html which is about the source IP address, so I suppose this should be possible. We are very much interested if someone could give us tracks to follow to accomplish this goal. Regards, Vincent Deffontaines
