[squid-users] Squid + oracle
Amos Jeffries
squid3 at treenet.co.nz
Tue Aug 18 17:10:48 UTC 2015
On 19/08/2015 2:06 a.m., adricustodio wrote:
> I was thinking... isnt it possible to make squid authenticate on a radius
> server and the radius goes into the oracle db ?
Depends on whether you are using the Captive Portal installation you
mentioned, a forward-proxy or interception proxy.
Of those options only the forward-proxy can do HTTP authentication.
I'm not familiar enough with RADIUS to know how (if at all) you coudl
get data between them.
>
> Sorry if it sounds stupid, im new on DB. I usually only work on proxy with
> ncsa authentication.
Operationally there is no difference. NCSA is one of the flat-file
database formats I mentioned. Both even use crypt() function in the
background for secure password hashing.
The only visible difference between basic_db_auth and basic_ncsa_auth is
the parameters on the helper line in squid.conf.
Here is an example config for the DB auth helper:
auth_param basic program /usr/bin/perl /usr/lib/squid/basic_db_auth \
--persist --md5 --salt "pepper" \
--dsn DBI:Oracle:database=users:db.example.com:1234 \
--user proxy --password blah --table accounts \
--usercol UserName --passwdcol Passwd \
--cond Status='ACTIVE'
As Yuri pointed the basic_ldap_auth helper is also usable if you prefer
LDAP query syntax to SQL.
Amos
More information about the squid-users
mailing list