[squid-users] squid 3.1 ldap authentication

Amos Jeffries squid3 at treenet.co.nz
Thu Oct 8 05:11:51 UTC 2015


On 8/10/2015 8:18 a.m., nando mendonca wrote:
> Hi,
> 
> I have squid 3.1 installed using ldap authentication. When i access a
> browser i enter my ldap credentials and it works fine. I’m able to browse
> all sites without any issues.
> 
> 
> Is there a way to use ldap groups to allow certain groups access to a few
> sites on the internet and then pretty much block everything else?

Please read this page <http://wiki.squid-cache.org/SquidFaq/SquidAcl>

Particularly the sections titled "Common Mistakes".

> 
> I’m able to restrict access to only a couple of sites and block everything
> else without using ldap group authentication, was just hoping this can be
> done with ldap group authentication.

Well, no because you cannot authenticate a whole group. There is no such
thing as "ldap group authentication"

There is group *authorization*, with LDAP protocol used to fetch the
group details.

Amos



More information about the squid-users mailing list