[squid-users] Dynamic ACL with local auth
Amos Jeffries
squid3 at treenet.co.nz
Wed May 8 16:16:03 UTC 2024
On 8/05/24 19:55, Albert Shih wrote:
> Le 06/05/2024 à 12:21:10+0300, ngtech1ltda écrit
> Hi,
>
>>
>> The right way to do it is to use an external acl helper that will use some kind of database for the settings.
>
> Ok. I will check that.
>
>> The other option is to use a reloadable ACLs file.
>
> But those this reload need a restart of the service ?
>
>> But you need to clarify exactly the goal if you want more then a basic advise.
>
> Well..pretty simple task
Ah, this is about equivalent to "just create life" level of simplicity.
I expect that what you need is doable, but not in the way you are
describing so far.
(p-PS. If you can mention how much experience you have working with
Squid configuration it will help us know how much detail we can skip
over when offering options.)
> I need to build a squid server to allow/deny
> people access to some data (website) because those website don't support
> authentication.
>
So Squid needs to authenticate. Is that every request or on a
per-resource (URL) basis?
A) needs only simple auth setup
or
B) needs auth setup, with ACL(s) defining when to authenticate
> But the rule of access “allow/deny” are manage in other place through
> another application.
>
What criteria/details is this other application checking?
Can any of its decision logic be codified as a sequence of Squid ACL
types checked in some specific order?
How are you expecting Squid to communicate with it?
> So the goal is to have some «thing» who going to retrieve the «permissions»
> of the user and apply the ACL on squid.
>
Please explain/clarify what **exactly** a "permission" is in your design?
Cheers
Amos
More information about the squid-users
mailing list