Re: [squid-users] Any way to do this? allow/deny acces by login

From: Henrik Nordstrom <[email protected]>
Date: Wed, 08 Mar 2006 23:45:31 +0100

ons 2006-03-08 klockan 15:55 -0300 skrev Jonis Maurin Ceará:
> Hi
> Is there any way to allow or deny acces to specific sites (defined by
> acel) checking by login name?

Yes.

> I have an auth. programm that authenticate my squid users on postgresql.
> What i want is to create one more col on my table like "all_enabled" or
> "group" and if is all enabled or group X, this user have access to all
> sites (including blocked for default users).

> Is there any way to do this kind of authentication?

The first is authentication (verifying the login) and is done as you
already do by a helper defined in auth_param.

The second is authorization (giving different users different rights)
and databases like this is integrated using the external_acl_type
directive where you need a helper capable of answering the simple
question "Does user X belongs to group Y".

There is several external acl helpers you can look at to get some
inspiration on how this is done.

Regards
Henrik

Received on Wed Mar 08 2006 - 15:45:37 MST

This archive was generated by hypermail pre-2.1.9 : Sat Apr 01 2006 - 12:00:03 MST