Choose the best proxy+openldap solution
Hi everyone! I'm beginner in this issue and I need help to choose proxy+openldap solution. Which proxy does work with openldap users and can make reports for every user's traffic and list of visited sites?
Which proxy+openldap do you use? |
|
Thanks for response SkyEye.
Are there any suggestions else? |
I use squid to authenticate against Active Directory and Oracle Database (and easy to use any other repository as OpenLdap as I request the AD as a LDAP).
What I do is to use Squid as a reverse proxy that captures the URL. With the url, I request the user to authenticate (only once per session of navigator) and use the information of user/url to know if the user can access the url. The information is saved into groups of AD or Database. In AD/database I also save which profile the user belong to, so it's a centralized and fast way of implementing security. Ex: user type http://server/Apli/subdir/ I look for the user in "Apli" group of AD and later if user belong to "Apli@subdir" group of AD. And squid allows you to rewrite URL, so you can send applications information no typed by user as: http:/server/Apli/subdir/?user=username&profile=profileName&... (other information extracted from AD or DB). Another important thing is than you can use certificates to identify users (and PCSC). And it's compatible for windows and Linux clients (and supposed that other OS). I use squid and it's powerful and very, very stable. I hope this can help you. Felipe |
All times are GMT -5. The time now is 06:25 PM. |