Linux – squid acl policy using username

access-control-list, linux, squid

I configured Squid to authenticate using Windows AD, but users can connect from different IP addresses and I can't set policy based on IP for different users.

Is there any way to set an ACL based on username?

I found ident:

http://www.visolve.com/squid/squid24s1/access_controls.php

Will it work for my test case?

Best Answer

You need to define and use ACLs of type proxy_auth; as per the page you linked:

Acl Type: proxy_auth

Description: User authentication via external processes. proxy_auth requires an EXTERNAL authentication program to check username/password combinations (see authenticate_program).

Usage: acl aclname proxy_auth username...

Use REQUIRED instead of username to accept any valid username.

Example: acl ACLAUTH proxy_auth usha venkatesh balu deepa

This acl is for authenticating users usha, venkatesh, balu and deepa by external programs.

This way, Squid will authenticate the users using any authentication method you choose (you said this is already in place, so you should have no problem here), and then you will be able to filter access based on usernames.

Sample configuration:

# ACL of type proxy_auth listing the permitted usernames
acl Good_Users proxy_auth user1 user2 user3
http_access allow Good_Users
http_access deny all

This will only allow user1, user2 and user3 to access the web.
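The following squid.conf fragment is an added example, not part of the original answer. It extends the same proxy_auth approach to different policies per user, independent of client IP. It assumes an auth_param scheme is already working, as the question states; all ACL names, usernames and domains are hypothetical placeholders.

```conf
# Added example: per-user policy with proxy_auth ACLs.
# Assumes an auth_param scheme is already configured and working.
# All ACL names, usernames and domains below are hypothetical placeholders.

# Any user who presents valid credentials
acl authenticated proxy_auth REQUIRED

# Usernames must match the string the authentication helper returns
# to Squid, which may include a domain or realm part.
acl finance_users proxy_auth alice bob
acl restricted_users proxy_auth carol

# Destinations the policies refer to
acl finance_sites dstdomain .finance.example
acl social_sites dstdomain .social.example

# http_access rules are evaluated top to bottom; the first match decides.

# 1. Reject unauthenticated requests (this triggers the login challenge).
http_access deny !authenticated

# 2. Only finance_users may reach finance_sites.
http_access allow finance_users finance_sites
http_access deny finance_sites

# 3. restricted_users may not reach social_sites. The destination ACL is
#    listed last so a denial returns an error page instead of a new
#    credentials prompt.
http_access deny restricted_users social_sites

# 4. Every other authenticated request is allowed; nothing else is.
http_access allow authenticated
http_access deny all
```

After editing, `squid -k parse` checks the file for syntax errors and `squid -k reconfigure` applies it.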
