[squid-users] Configuration assistance
HiP-HiPpO
arthur at cdne.net
Tue Apr 14 16:25:10 UTC 2015
Hello-
I'm using squid version 3.5.3 and I could use some help with
configuration.
Squid will be installed at AWS, most clients will be within a corporate
network and will not be able to access the service by configuring proxy
settings in a browser. Instead DNS will be used to resolve to the Squid
service. The Squid service will authenticate users via SLDAP. The
service will need to be able to intercept both clear and TLS HTTP traffic
in order to insert an Authorization header.
The request flow would be something like;
Client browser requests http(s)://proxy-hostX.test.com
(where 0 < X < 50)
Squid will need to intercept the request and add an Authorization header.
Squid will need to rewrite the request to the origin server. In this
case, the origin server name is hostX.test.com
Squid will then intercept the server response and direct that response to
an ICAP server to modify all embedded links to be the same as the
request. All links in the response will need to be rewritten to
http(s)://proxy-hostX.test.com
I have official wildcard certificates for the domain. i.e. *.test.com
Squid will also need to retrieve group memberships from SLDAP and authorize
user access to hostX based on group memberships. If the user is in the
groups host30 and host43, then access is allowed to only host30.test.com
and host43.test.com
Thank you in advance for all assistance.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150414/d2b5c5b5/attachment.html>
More information about the squid-users
mailing list