Re: [squid-users] restricting ldap auth to one login at a time

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Wed, 15 Mar 2006 14:08:17 +0100

ons 2006-03-15 klockan 14:55 +0300 skrev pwasenda@ura.go.ug:
> Iam considering using ldap for authenticating users, question is how do i
> prevent users from logging into the system more than once, so as to give access
> to a friend.

There is an max_user_ip acl in Squid for this specific task...

> Also is it possible to bind a username to a specific ip address.

Two options depending on if you know the IP or not:

a) The acl mentioned above can automatically lock the user to the first
IP seen for a configurable period of time.

b) You can use Squid ACLs to restrict each users to a single priorly
known IP. This is most easily done with the ip_user external acl
helper.. (see helpers/external_acl/ip_user for details)

Regards
Henrik

Received on Wed Mar 15 2006 - 06:08:26 MST

This archive was generated by hypermail pre-2.1.9 : Sat Apr 01 2006 - 12:00:04 MST