2016-06-08 20:30 GMT-03:00 Marcus Kool <marcus.k...@urlfilterdb.com>:
> > > On 06/08/2016 07:53 PM, Sergio Belkin wrote: > >> >> Thanks Eliezer, good summary. I've changed the subject to reflect better >> the issue. As far I undestand from documention one can bump https only by >> interception. >> > > No. ssl-bump works very well with regular proxy mode, i.e. the browsers > configure the address and port of the proxy or use PAC. > > But what about if one Windows user login against an Active Directory, will >> the authenticacion work to use the proxy? >> >> I mean, what I'd want is: >> >> - Only users of an Active Directory can use the proxy >> > > In regular proxy mode, authentication and peek+splice works fine. > Note that peek+splice does not require Squid CA certificates on the > clients. > With peek+splce I block urls without CA certificates on the clients? Remember I mean urls, not only domains! > > - Block certains urls >> >> Is that possible with squid+ufwdbguard? >> > > ufdbGuard works always, independent if Squid uses interception or not. > The issue is the messages that a browser displays for the end user (see > earlier email). > > Marcus > _______________________________________________ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users > -- -- Sergio Belkin LPIC-2 Certified - http://www.lpi.org
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users