[squid-users] HELP - squidGuard, Squid amd LDAP authentication/groups

Hi.

I'm using squidGuard for content filtering and it's great (fast and =
reliable).

Till now I've been using Squid and squidGuard block/don't block based on =
IP adresses. But now, because some "new" policies, I must do the control =
based on username and groups of my LDAP server.
Ok. I did it fine with pam_auth, pam_auth and ldap_groups, but I'm having =
trouble to integrate all this with squidGuard (all blocking mechanism). =
And, moslty, my problems were originated because the way the "new" =
poilicies must be implemented. See bellow:

1. the user enter a URL in his browser;
2. if the URL is authorized, the navigation goes on, no blocking;
3. if the URL is not authorized (porn, gambling, ...), there must be =
authentication (via pam_auth + pam_ldap);
4. then after user authenticates, it's verified against LDAP groups to see =
if he belongs to NOBLOCK group;
5. if yes (the user belongs to NOBLOCK group), the navigation goes on, no =
blocking, but logged;
6. if no (the user doens't belong to NOBLOCK group), the navigation is =
denied.

So, I know that it's a bit complex (and the e-mail a bit longer), my =
question is: how can I implement this using squidGuard?

Maybe the developers or some user from the list could have a thought or =
two on this issue.

Thanks in advance.

Maur=EDcioWP.

Maur=EDcioWP.

.................................................. ...........
Maur=EDcio Westendorff Pegoraro
Analista de Sistemas - Seguran=E7a
ADP Brasil
Suporte ADP RBS

51 3218-6227
mauricio.pegoraro@adprs.com.br
.................................................. ...........