No need to apologize. Often I see someone post something like "I need this" and then 4-5 posts later someone else finally asks why, and then you see "ahhh, you just need to do this instead" :)
If all traffic going through the proxy needs to be authenticated, and you use basic auth, then the users will be presented with a basic auth pop up box asking for their username and password. You can have an ACL rule that allows non-authenticated traffic through, to one site, that web page you mentioned. Alternatively, that website can be inside your network. In that case the students will access that local webserver for their account setup, and then head out through the proxy to the internet. Traffic going through the proxy can be set up so it needs to be authenticated, doing so on another server first I have not heard of. Giving the new students notification like: "welcome to school, to access the internet you need to set up your account here: www.internal.webserver.com/student/signup.htm" And then have all proxy traffic that is not authenticated properly be redirected to this site or some other page that explains why they couldn't get access to the internet. If the users are already logged into some kind of network, then there are other methods of authenticating too. Spend some time learning about the ACL options and read through some of the online documentation. I picked up the O'reilly book, "Squid the Definitive Guide" and it helped me a lot..as did scouring the net for information about squid and what we were trying to do. Chris Perreault -----Original Message----- From: Rick Whitley [mailto:[EMAIL PROTECTED] Sent: Monday, July 12, 2004 2:36 PM To: Chris Perreault Subject: RE: [squid-users] ldap authentication... Hi Chris, Thanks for the reply and I appologize for the generic posting. We are a university and are setting up a proxy server for the student/dorm internet access. The goal is to have a student (wired or wireless) hit the network, and be displayed a web page that will give them the option to activate their account or if they already have, login and access the internet. We have dhcp with the gateway pointing to the proxy server. The proxy will redirect to a web server to display the page. Once they login the proxy will authenticate them and either reject access or allow access. Do I have the process right or am I way out in left field? thanks for taking time to respond to this. rick... Rom.5:8 >>> Chris Perreault <[EMAIL PROTECTED]> 7/12/2004 1:09:46 PM >>> The FAQ at the www.squid-cache.org site is one place to research this. When you compile squid you need to have the ldap helper included too. ./configure -h will display all the options ./configure --enable-basic-auth-helpers=LDAP >From the source code will help. Within the helpers directory you can drill down into the LDAP directory and read the help files included there too. Using your favorite search engine on SQUID LDAP will give you plenty to read too. You may also find that stating what you'd like to do, to this list, will result in responses less generic and more geared towards a solution that suites your particular needs. Chris Perreault -----Original Message----- From: Rick Whitley [mailto:[EMAIL PROTECTED] Sent: Monday, July 12, 2004 1:23 PM To: [EMAIL PROTECTED] Subject: [squid-users] ldap authentication... Hello, I am new to Squid and would like to know where to find information on setting up squid to use ldap for authentication. I have read that it is part of the basic ncsa_auth module but the only examples I see use ncsa_auth with a passwd file. I'm not asking for anyone to do my job, just tell me where to find some documentation and examples. thanks rick... Rom.5:8
