[squid-users] Authorization in a different way

Christian Kunkel ckunkel at fischie.com
Wed Jan 13 16:35:23 UTC 2016


Hey guys,

i need a way to autheticate or authorize users to my squid server so i can create some kind of a session and drop users after x hours they have been using my proxy. important thing would be to create only one session per user. i do not have access to users network. they are connecting from the internet and they also have nated ips. i thought about the classic way with http headers but i run into problems with some devices. so thats useless for me. to use the ip adress is also not possible because it would authorize a lot of ppl at once if they are behind a nat. thats not what i want. i only can add a proxy adress and a port to the devices which are connecting. right now i am using a unique port for every user. then redirect the port to a splash screen with a login form. when login is is successfull it triggers an iptables-script which redirects that port to squid. but that means every one can actually use that port after someone successfully logged in.

i am using squid 3.5.13 on debian 8.

some hints would be awesome. thanks in advance guys :)

Kind regards,

Chris


More information about the squid-users mailing list