Re: Remote Authentication

From: David Richards <[email protected]>
Date: Fri, 23 May 1997 08:54:38 +1000 (EST)

Arjan,

        I have a function written that will return 1 on successful
authentication and 0 on failed authentication. The function is very
quick. The function does cache passwords for a specified length of time,
it checks a quota database (at the moment, this is a flat file) and will
even send a message to a client (using an in house messaging system) about
why they failed if they did fail.

        When the function does have to talk to the authentication system,
it is extremely quick. If I did decide to implement this feature, i.e.
make squid block on authentication, where would I implement it??

Thanks,

Dave.

----------------------------------------------------------------------
David Richards Ph: +61 7 3864 4354
Computing Services e-mail: dj.richards@qut.edu.au
Queensland University of Technology
----------------------------------------------------------------------

> Because it's a remote authentication system it is not as simple as
> replacing one function call with your Auth function. The problem is that
> your Auth function will wait for a reply from the network (I think) during
> which Squid just blocks. It could be solved by using external processes
> like dnsserver but I'm trying first to implement the functionality in
> Squid itself.
>
> What we need are two functions:
>
> - One that sends a request and records some data about the request;
>
> - One that handles the answer to a request, using the recorded data.
>
> The send function will send a request through a socket and then Squid is
> instructed to call the handler as soons as data is being received on that
> socket. During that time Squid can handle other things.
>
> Furthermore I think that you need to cache usercode/password combinations
> because an auth lookup for each request decreases response time too much.
> There is already some password caching but timeouts need to be implemented
> in another way (now the entries timeout as soon as the passwd file
> changes, if I remember correctly).
>
> Arjan
>
Received on Thu May 22 1997 - 15:59:49 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:35:14 MST