Re: [squid-users] Looking for authentication ideas

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 22 Oct 2009 11:49:17 +1300

On Wed, 21 Oct 2009 14:24:30 -0700 (PDT), skinnyzaz
<bradzazulak_at_gmail.com>
wrote:
> First I will let you know what I am trying to do. I am looking for some
way
> to have users create there own user names and passwords from a website
of
> some sort. And then have squid authenticate from the accounts created
from
> the website. I have been looking for a couple months but am starting to
run
> out of ideas. Does anyone have any idea of how this is possible?

Your idea collapses into a simple case of: popup the auth login and accept
anything that is entered.

Squid bundles with fake authenticators for testing that does exactly that.
For the older versions there is
http://wiki.squid-cache.org/ConfigExamples/Authenticate/LoggingOnly

You seem to be stuck in the idea that having a auth popup alone makes
things secure. The entire purpose of an authentication is to control who
gets access. Allowing random people to add themselves anonymously is not a
good idea.

Amos
Received on Wed Oct 21 2009 - 22:49:23 MDT

This archive was generated by hypermail 2.2.0 : Thu Oct 22 2009 - 12:00:03 MDT