Authenticating proxy server with fine tuned controls

Craig Russell crussell_1969 at
Mon Feb 11 22:07:23 UTC 2008

I am looking for an authenticating transparent proxy server with tiered access.  ie, A user who logs into the proxy can access sites based upon group membership; group1 has unfettered access to the internet, group2 gets filtered access.  Ideally, I'd like to be able to setup groups for various sites and add/subtract users to allow access to various internal sites.

As a diagram, I'd like to do this:

Group1:Unfettered access to internet
Group2:Filtered access to internet
Group3:Access to internal website x
Group4:Access to internal website y

If user1 is in Group1 and Group3 they can access the internet and internal website x
If user2 is in Group2 they can only access filtered websites.
If user3 is in Group2 and Group4 they get filtered internet access and access to internal website y

Is their an open-source or commercial product that provides for this type of granular control of access?

I've setup squid with authentication before, although it was several years ago, but I didn't need to have that granular of a control set.



More information about the freebsd-questions mailing list