[aclug-L] Squid Authentication
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
I want to set up squid to accept remote connections only after the client
has authenticated.
That's the easy part.
Now... I don't want to require the user to enter a username/password every
time they connect to the proxy server. I would like to store the
username/password on the client machine. If this isn't possible (and it
doesn't appear to be in IE or Netscape), then I want to devise some way
for authentication to be 'sticky'. None of the things I've explored are
working...
Some things I've considered (and ruled out, as explained):
* Entering the username/password in the proxy server string. i.e.
http://user:password@xxxxxxxxxxxxxxxx:8080/. This just confuses the web
browser.
* Entering the username/password in the proxy.pac file the browser uses
for auto proxy configuration. This also confuses the web browser.
* SSL Client-Certificate authentication. This isn't supported by squid...
altho it is supported by Apache. Perhaps there is still some way to work
out some way to authenticate via Apache for squid access, tho?
* One thing I haven't tried, because it seems far-fetched, and likely
insecure, is encoding authentication information in the proxy server URL.
The encoding itself wouldn't be too hard... something like
http://user.password.proxy.server:8080/ (probably use some sort of hash
for the user/password to make unreadable)... But even if that happened, I
don't know how I'd get that information to squid for authenticatoin
purposes.
* I've considered many other random things, too, that were easily deemed
undoable.
Does anyone else have any other suggestions?
This *should* be easy! *sigh*
-- This is the discussion@xxxxxxxxx list. To unsubscribe,
visit http://www.complete.org/cgi-bin/listargate-aclug.cgi
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [aclug-L] Squid Authentication,
flimzy <=
|
|
