I look after a school network. Our ISP offers 4 layers of filter on their proxy server, each one on a different port.
I need to run a local proxy (transparent if possible) that will:
detect a new user/browser session,
redirect to my custom login page which will
authenticate against AD
return to the proxy the user designation (ie staff, student, admin etc)
then the proxy is to point that user to the correct port on the ISP's proxy.
A teacher logs in at the client and launches IE. IE gives them a splash/login screen. Teacher logs in and is authenticated. From then on the teacher's browser is forwarded to the "staff" proxy at the ISP. Had it been a student logging in then they would be passed through to the "student" proxy at the ISP.
Will Squid do the proxy side of things? (I can write an asp.net login page to do the authentication and can happily pass back any header that Squid requires...)
Most likely....check here --> Squid Site