LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 06-14-2007, 06:39 AM   #1
Ammad
Member
 
Registered: Apr 2004
Distribution: redhat 9.0, fc4, redhat as 4
Posts: 522

Rep: Reputation: 31
squid user authentication


having a linux server as transparent proxy, and all client are configured to dhcp; using SARG am getting reports of visited users. in reports i am unable to know which client visited to site (Ip address are assigned by dhcp).

due to this problem i want to authenticate each user, so in reports i will get usernames.

Is it possible to authenticate using Active Directory in transparent mode. or else solution.
 
Old 06-14-2007, 06:54 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
no, that's not possible if you wish to do it transparently. the point of transparent proxying is to influence somethign unbeknownst to the end user and the end user software. if that client recieves an authentication prompt from a proxy which it doesn't know anything about, it's hardly going to ask the user for credentials... there are ways to require a preliminary login screen before access is permitted, but that's per use and never going to be very good. best advice i'd say is to look to drop the transparent side, which had a lot more drawbacks than you'd originally think.
 
Old 06-14-2007, 02:30 PM   #3
Ammad
Member
 
Registered: Apr 2004
Distribution: redhat 9.0, fc4, redhat as 4
Posts: 522

Original Poster
Rep: Reputation: 31
thanks, but in reports i want atleast username or computer name from which site being visted. so do i have proof, since its office environment, i(office) policy doesn't want to block any site. but it has been defined that "not to visit any porn site."

why to trnasparent?
becasue some users (including CEO) use laptop (MAC os X) they dont allow to set proxy setting, becuase they use laptop at home. and dont want to change settings.

Any other solution
 
Old 06-14-2007, 02:39 PM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
ok, well still, ditch the transparency. instead use a proxy.pac / wpad.dat proxy configuration file, potentially assigned via dhcp. this way when someone connects to the network the dhcp data provided (dhcp option 252) tells them which proxy to use. when they connect elsewhere, that information isn't provided and they don't use a proxy. that's how to do things properly. then you have the full power of proxy authentication if you're after usernames. now if it's just hostnames you want, then if you have decent dns in line with your dhcp server. this can be achieved by using the log_fqdn option in the squid.conf file.
 
Old 06-14-2007, 02:48 PM   #5
Ammad
Member
 
Registered: Apr 2004
Distribution: redhat 9.0, fc4, redhat as 4
Posts: 522

Original Poster
Rep: Reputation: 31
thanks for your quick response, i will try it
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
User authentication in squid r_s_karthikeyan Linux - Networking 4 07-10-2006 05:33 PM
User based Authentication in Squid instead of Terminal based. TSK2000 Linux - Software 1 12-30-2005 03:22 AM
Squid proxy with user authentication and user rights duvanhorn Linux - Networking 0 08-07-2003 04:40 AM
Squid Proxy, User Authentication chrehmatali Linux - Security 3 05-03-2003 08:12 AM
Squid authentication! yenonn Linux - Networking 1 03-21-2003 08:58 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 10:39 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration