[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Access control for services



The original squid authenticator I used is http://www.uia.ua.ac.be/u/dbruyne/squid-ldap/

Check http://www.squid-cache.org/related-software.html for more authenticators.

	-JP

On Mon, 22 Jan 2001, Shanker Balan wrote:

> Jan-Piet Mens wrote:
> >Yes, it is possible, but may require some work. I've done it for
> >Squid by writing an external authenticator which searches for
> >a user by using an appropriate filter (&(uid=xxx)(httpaccess=ok)) and
> >having an slapd index on all attributes to make it fast. That was no
> >big problem. You could take the contrib `ldap-auth' and hack that in.
>
> We have a similar thingy implemented in perl. Can you send me the source
> for the squid external authenticator?
>
> >Sendmail may be a bigger problem. Just thinking out loud here: if
> >sendmail would recognize a user as being local when using nss_ldap
> >then you could easily hack nss_ldap to use an appropriate filter.
> >Otherwise I wouldn't know how...
>
> Apparently, MS Exchange 2000(?) has this capability where in one can
> control whether the user is allowed to recive external mail. Does
> sendmail have a similar feature by any chance? I did a search on google
> but not much luck as yet.
>
> >FTP should be easy: try ProFTPD which supports LDAP. You can possibly
> >use your own filter.
>
> ProFTD is what i was looking at also to control FTP service access.
>
> -- Shanu
>
> Mulder: You can't bury the truth!
>
> 	"The X-Files: Aprocrypha"
>