On Fri, 20 Feb 2004, Frank Fegert wrote:
> 1.) Assuming that the browser submits browsertype and OS-version at > each request, i could use this information. The question is how > i would access the information and pass it to an ACL? See the browser ACL. It uses regex patterns for matching the User-Agent header as sent by the client. MSIE and most browsers include comment information in this header indicating which OS they run on. > 2.) Taken from the squid logs the client submits it's IP upon each > request. I would resolve the IP to a hostname, and look up if a > workstation object of the same name exists in the ADS by using > ldapsearch. Regarding the use of ldapsearch i would add the code > to squid_ldap_auth. The idea is good, but authentication is the wrong place to add this into. What you should do for implementing this idea is to write a small external helper to Squid which performs only this check. See the external_acl_type directive. Regards Henrik
