www-modproxy-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Musselman <and...@cwu.EDU>
Subject Re: Question about the list
Date Wed, 17 Aug 2005 22:33:34 GMT
Hi Ian,

Thanks for the response; I'll try posing my question on that list as

I will try to get apache's auth stuff to work with proxying; the thing
is, I want users to be able to point to http://my.proxy.edu:81, get
authenticated, be able to select a printer address from a list, and then
have their traffic go through the proxy, to the printer, and back.

For another project I've used a cookie scheme similar to what you
suggested, but our network person wants to make it more secure.

I'll keep working on it, and thank you again.


Andrew Musselman
>>> Ian.Holsman@cnet.com 08/17/05 12:51 PM >>>
Hi Andrew.
I'm sure these kind of questions are best answered on httpd- 

there are two options here.
you can either use apaches authentication handling, which will prompt  
you with a dialog for a user/password
you can use rewrite and do a cookie check which redirects non-cookied  
people to a special page which does the LDAP
lookup and cookie setting.

Some people @ columbia wrote a module called mod_auth_pamacea does  
this I believe. the only caveats I see with it are
:- it is GPL
:- the session manager it uses is file based, which won't scale  
(their words) but you could change the session manager to use
    a mysql DB or somesuch if you need scalability


On 18/08/2005, at 3:30 AM, Andrew Musselman wrote:

> Well, after searching the archive more I found some usage questions;
> hence I will post my own :)
> We are trying to shut down web access to all our networked printers on
> campus "the easy way":  set up a proxy server through which only
> selected people can access the printers.  The authentication can be  
> done
> using LDAP.
> A couple of methods have been suggested, and I am researching them
> now:
> (1) mod_ssl + mod_auth_ldap + mod_proxy
> (2) mod_ssl + mod_authz_ldap + mod_proxy
> (3) mod_ssl + A nice little PHP login page that queries LDAP before
> turning things over to mod_proxy.
> So far I have had success with setting up a virtual host as a forward
> proxy and with activating SSL for LDAP queries through a login  
> page, but
> I'm really confused about something:  how could I set things up so  
> users
> visit some login page, their credentials are checked through LDAP, and
> then they are forwarded to the printer they want?
> Does anyone have any suggestions, or has anyone tried this and gotten
> anywhere?  Thanks for your time.
> Best,
> Andrew
> Andrew Musselman
> andrew@cwu.edu
>>>> Andrew@cwu.EDU 8/17/2005 9:56 AM >>>
> Hello--
> I have some questions that are not development questions, but I
> couldn't find a list for just the use of mod_proxy.  Does anyone know
> of
> a list that might be appropriate?
> Thank you,
> Andrew
> Andrew Musselman
> andrew@cwu.edu

Ian Holsman
Network Management Systems
CNET Networks
PH: 415-344-2608 (USA) /(++61) 3-9877-0909 (Australia)

View raw message