LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 09-30-2008, 08:32 AM   #1
trv@dmin
LQ Newbie
 
Registered: Mar 2008
Location: Russia, St.-Petersburg
Distribution: ubuntu
Posts: 13

Rep: Reputation: 0
Choose the best proxy+openldap solution


Hi everyone! I'm beginner in this issue and I need help to choose proxy+openldap solution. Which proxy does work with openldap users and can make reports for every user's traffic and list of visited sites?
Which proxy+openldap do you use?
 
Old 10-01-2008, 01:18 AM   #2
SkyEye
Member
 
Registered: Sep 2005
Location: Sri Lanka
Distribution: Fedora (workstations), CentOS (servers), Arch, Mint, Ubuntu, and a few more.
Posts: 441

Rep: Reputation: 40
Well, Squid is a popular and capable proxy which supports addons too. And Squid support LDAP authentication. Have a look at this one example.


EDIT: I forgot to mention that report generation is also well supported. In fact there are even commercial tools to parse Squid logs.

Last edited by SkyEye; 10-01-2008 at 03:11 AM.
 
Old 10-01-2008, 02:59 AM   #3
trv@dmin
LQ Newbie
 
Registered: Mar 2008
Location: Russia, St.-Petersburg
Distribution: ubuntu
Posts: 13

Original Poster
Rep: Reputation: 0
Thanks for response SkyEye.

Are there any suggestions else?
 
Old 10-01-2008, 03:46 AM   #4
Felipe
Member
 
Registered: Oct 2006
Posts: 294

Rep: Reputation: 31
I use squid to authenticate against Active Directory and Oracle Database (and easy to use any other repository as OpenLdap as I request the AD as a LDAP).

What I do is to use Squid as a reverse proxy that captures the URL. With the url, I request the user to authenticate (only once per session of navigator) and use the information of user/url to know if the user can access the url. The information is saved into groups of AD or Database.
In AD/database I also save which profile the user belong to, so it's a centralized and fast way of implementing security.

Ex:
user type http://server/Apli/subdir/

I look for the user in "Apli" group of AD and later if user belong to "Apli@subdir" group of AD.
And squid allows you to rewrite URL, so you can send applications information no typed by user as:
http:/server/Apli/subdir/?user=username&profile=profileName&... (other information extracted from AD or DB).

Another important thing is than you can use certificates to identify users (and PCSC). And it's compatible for windows and Linux clients (and supposed that other OS).

I use squid and it's powerful and very, very stable.

I hope this can help you.

Felipe
 
  


Reply

Tags
ldap, proxy, squid


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Choose the best proxy+openldap solution trv@dmin Linux - Networking 1 09-30-2008 04:36 PM
OpenLDAP as a Proxy koncept Linux - Software 4 07-07-2008 07:15 PM
proxy server antivirus solution msound Linux - Networking 2 06-02-2005 01:46 PM
Looking for Proxy Solution... blueCow Linux - Software 0 08-03-2004 11:44 AM
Need a solution to FTP Proxy setup Firejack Linux - Software 0 10-30-2003 05:17 AM


All times are GMT -5. The time now is 11:37 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration