Re: [squid-users] pass-thru authentication with radius

From: Simon White <[email protected]>
Date: Thu, 11 Apr 2002 15:56:13 +0000

11-Apr-02 at 17:47, Henrik Nordstrom (hno@marasystems.com) wrote :
> Van Bossche Koen wrote:
>
> > Our people in the US have build an intranet with authentication (for a
> > document archive) using RADIUS to authenticate.
> > If I would setup a RADIUS-authentication to squid (I believe I read it is
> > possible) for our NT users, is it then possible to set it up so that for
> > this intranet authentication radius is being used completely transparent.
> > So that those NT credentials are pulled automatically through the browser,
> > authenticated and the user is allowed to access whatever their group is
> > permitted to access.

I misread your question. You are talking about transparent authentication
and not proxying.

Now, this is how I see it:-

extranet server (US intranet) <-radius-> Squid <-NTLM-> Users

Henrik is correct (as usual ;-)) for you needing Squid2.5 for NTLM, for
Radius I'm not sure.

Squid can authenticate automatically to a parent proxy, but not AFAIK to
another website, rather depends on how the extranet is set up. Give us
more info and perhaps one of us can help out.

-- 
[Simon White. vim/mutt. simon@mtds.com. GIMPS:67.05% see www.mersenne.org]
It is impossible to sharpen a pencil with a blunt axe. It is equally vain
to try to do it with ten blunt axes instead.  -- E. W. Dijkstra
[Linux user #170823 http://counter.li.org. Home cooked signature rotator.]
Received on Thu Apr 11 2002 - 09:56:16 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:32 MST