RE: [squid-users] how to force acceptance of usage policy?

From: Ferris, Kieran <Kieran.Ferris@dont-contact.us>
Date: Fri, 17 May 2002 08:58:40 +1000

Call me simple, but what about forcing the homepage to point to a AUP
which declares that by using the Internet from this point onwards that
they accept the agreement? You could code the HTML so that the homepage
that is originally loaded, loads another popup window which cannot be
closed until the Agree/Disagree is clicked. Agree loads the user onto
your company's homepage, disagree closes browser windows. I know it's
not an answer to your problem, but overly technical solutions usually
don't work straight off (dumb user X factor) and take far too long time
to develop.

That's my 2c anyways.

Kieran

-----Original Message-----
From: pbdlists@pinboard.com [mailto:pbdlists@pinboard.com]
Sent: Friday, 17 May 2002 08:31
To: squid-users@squid-cache.org
Subject: [squid-users] how to force acceptance of usage policy?

I'm running a cache infrastructure in a corporate environment with
approximately 5000 users. We're not using transparent proxying, instead
all the browsers are configured with the proxy details. There is a new
requirement on the horizon that each user needs to actively accept the
internet usage policy before being allowed to connect to the internet.
The idea is to have something similar encountered on certiain software
downloads or when installing software, only after you have accepted the
terms you can go on.

First I thought I could do this with a list of users that have accepted
the policy. Those not in this list would be directed to a policy accept
page on an internal webserver by way of deny_info. When the user clicks
on 'accept', the webserver would add the authenticated username to the
list of users that have accepted the policy. But there are two problems
with this: for one I too often need to force a reconfigure of the proxy
so it will reread the updated list and what seems even more of a problem
is the fact that the user is not going to the error page specified in
deny_info unless he cancels the authentication popup box of the browser;
if he just enters his userID and password, the same popup box reapperas
without any indication why, which will confuse users.

Maybe I took a completely wrong approach, but at the moment I can't
think of a different technical solution. Has anybody ever done something
like this before and would be willing to share some info?

Cheers,

Kurt
Received on Thu May 16 2002 - 17:02:11 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:08 MST