CoSign: Collaborative Single Sign-On  
AnnouncementsDiscussion
 

cosign-discuss at umich.edu
general discussion of cosign development and deployment
 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Cosign and Squid?



Has anyone implemented a cosign-protected squid proxy?
I'd like to require authentication on my squid box(es),
and could do that via ldap (which means I'd want the
squid proxy available only via ssl, which seems like
significant overhead.

Don't know if cosign-enabling squid would work, but it'd
be an interesting thing.  You'd need to modify the error
message to have a link to the weblogin page.  And, now
that I think of it, I don't know that you'd be able to
have it follow the redirect to authenticate the cookie,
since in order to follow the redirect your proxy needs
to be functioning, and in order for your proxy to function
you need to have the cookie authenticated....  Squid
probably has the capability to allow the weblogin server
to require no authentication, so that could be worked
around.

Anyone started down this road?

-- 
Brian Hatch                  R: I'm winning!
   Systems and               B: What's winning?
   Security Engineer         R: Meeee!!!
http://www.ifokr.org/bri/

Every message PGP signed

Attachment: signature.asc
Description: Digital signature


 
Copyright © 2002 - 2004 Regents of the University of Michigan :  Page last updated 15-December-2010