Re: [squid-users] Authorization in a different way

Wed, 13 Jan 2016 10:46:06 -0800

I do not know if an old idea of mine will be good for you but... I will write it anyway. The basic way to do what you want is to use some kind of authentication in the session level and not the IP but.. You can use some "keep-alive" page which will use some JS to re-authenticate every couple seconds or minutes. The service like in TCP will assume that the connection is available as long as the client JS ran in the last couple seconds\minutes. It can help you to allow a specific user to use a specific IP address as long as the JS runs. And if the user was not authenticated to the other service (which can run in https) for a period of time the session helper will not allow any other new session to pass in. 

Hope it will help you.
Eliezer

On 13/01/2016 18:35, Christian Kunkel wrote:

Hey guys,

i need a way to autheticate or authorize users to my squid server so i can 
create some kind of a session and drop users after x hours they have been using 
my proxy. important thing would be to create only one session per user. i do 
not have access to users network. they are connecting from the internet and 
they also have nated ips. i thought about the classic way with http headers but 
i run into problems with some devices. so thats useless for me. to use the ip 
adress is also not possible because it would authorize a lot of ppl at once if 
they are behind a nat. thats not what i want. i only can add a proxy adress and 
a port to the devices which are connecting. right now i am using a unique port 
for every user. then redirect the port to a splash screen with a login form. 
when login is is successfull it triggers an iptables-script which redirects 
that port to squid. but that means every one can actually use that port after 
someone successfully logged in.

i am using squid 3.5.13 on debian 8.

some hints would be awesome. thanks in advance guys :)

Kind regards,

Chris
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users



_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Reply via email to