SSO with AD, Kerberos and squid ???
Dr. Greg Wettstein
greg at wind.enjellic.com
Fri May 2 10:26:04 EDT 2003
On May 2, 1:58am, greg wrote:
} Subject: Re: SSO with AD, Kerberos and squid ???
> Thank you for your help ;)
>
> But that's not exactly what I look for. I know squid_auth_ldap, but it
> requires a login and password when a user want to surf the web. What I
> want is users to connect with their normal account at their machine
> startup, to be recognized in an AD or ldap (via kerberos ?!), and to
> have acces or not to internet. I imagine kerberos could distribute a
> ticket to users and to squid, like in a sso mechanism but applied only
> to my proxy for the moment.
>
> I don't think there is any kerberos module available now for squid, so
> would it be quite easy to create one or not even considerable? I said
> 'easy' because I haven't much time and I'm not a great programmer !
What you actually want is the Holy Grail which many people are seeking
which is authenticated and authorized routing. Depending on the
layout of your network you may want to look at the NetReg software,
I've had some experience with that although its not a favorite
approach of mine.
My favorite private project right now is working to add authentication
and authorization to the ISC DHCP daemon. That approach provides the
ability to implement authenticated and authorized access to the
network in general. That may be more draconian than what you desire.
>From the issues we are seeing with the wireless wave hitting its going
to be hot button for a lot of people.
> Thank you
>
> --greg
Greg
}-- End of excerpt from greg
As always,
Dr. G.W. Wettstein, Ph.D. Enjellic Systems Development, LLC.
4206 N. 19th Ave. Specializing in information infra-structure
Fargo, ND 58102 development.
PH: 701-281-4950 WWW: http://www.enjellic.com
FAX: 701-281-3949 EMAIL: greg at enjellic.com
------------------------------------------------------------------------------
"Don't wear rollerskates to a tug-of-war."
-- Larry Wall
More information about the Kerberos
mailing list