OpenLDAP Integration
Integrate SafeSquid with OpenLDAP to enable centralized user identification and group-based access control for Linux/Unix-centric environments.
Integration Workflow
| Step | Task | Goal |
|---|---|---|
| 1 | Simple Authentication | Configure LDAP server connection and enable browser-prompt authentication. |
| 2 | SSO Authentication | Enable transparent authentication for LDAP users via Access Restrictions. |
Why use OpenLDAP with SafeSquid?
- Centralized Identity: Use your existing OpenLDAP directory for proxy authentication.
- Group-Based Access: Categorize users into groups (e.g.,
developers,marketing) and apply different filtering rules. - Linux Compatibility: Ideal for environments that don't use Active Directory but require identity-based security.
- Audit Trails: Identity logs attribute all web activity to specific LDAP usernames.
Verification
After configuring OpenLDAP:
- Fetch Entries: Confirm that LDAP users and groups are listed in the LDAP Entities section of the SafeSquid interface.
- Log Check: Verify successful LDAP binds in
/var/log/safesquid/safesquid.log. - Policy Test: Ensure that a rule restricted to an LDAP group correctly allows members and blocks others.
Next steps
- Configure Simple Authentication to establish the connection.
- Configure SSO Authentication to enable user-aware policies.
- Access Restriction to define what your LDAP groups can access.