Mailinglist Archive: opensuse-security (320 mails)

< Previous Next >
Antwort: Re: [suse-security] Looking for a tool (Diese Mail wurde auf Viren gepr?ft.)
  • From: dhoffmann@xxxxxxxxxx
  • Date: Mon, 5 May 2003 08:47:35 +0200
  • Message-id: <OFEEF7EAD4.6AEE123D-ONC1256D1D.00224B1C-C1256D1D.0025AE27@xxxxxxxxxx>
Hi J,

<jfweber@xxxxxxxxxxxxx> wrote on 01.05.2003 14:47:48:

> *** Reply to message from dhoffmann@xxxxxxxxxx on Fri, 2 May 2003
> 14:55:16 +0200***
> Denis,
> I am wondering if I understand what your question means.
>
> > The users should be able to
> > browse certain restricted sites outside of the lan without knowing the
> > credentials (username/password) of these sites.
>
> Are you saying that there is , perhaps , someone in the company who has
> signed up for these sites , and you would prefer that your users not
know
> the login and password details so they can't , for instance, login from
> their box at home?

yes. the administration staff has the credentials, the users shouldn't.

> Also, I suppose if my earlier supposition is correct, you actually have
> a username and password to login onto this restricted site so you can't
> just give permission at your end saying anyone trying to connect from
> 192. etc. where you specify the range, as someone else mentioned should
> be passed on to the website?

also correct. the sites are all external ones, which we have no
further access to but the protected web areas.

> I suppose , not knowing the nature of the website you are talking about
> that just caching the pages at the start of each shift wouldn't work ,
> huh?

unfortunatly, this will not work, cause most of the mentioned sites
deliver dynamically generated content.


i really don't know if there's such a tool at all, but i don't think it's
a unusual demand.

i imagine some kind of proxy, which has the ability to transparently
authenticate
to some certain sites, so the user doesn't notice that it's protected.

the background is, as you supposed, we don't want the "normal" user to
know
the credentials for these sites.


--
Denis Hoffmann
IT

OBG Bau GmbH & Co.KG
Illinger Stra├če 150
66564 Ottweiler
Tel.: 06824 3000 351
Fax: 06824 3000 500
http://www.obg-bau.de/
< Previous Next >
References