Can’t comment on what’s best for your company. If you plan to do what you described, sounds like a reasonable plan, though many others exist.
You can do this using nginx + vouch to hook into an idp like Okta, and introduce an identity layer into your connection to secure authentication and authorization up. Ldap over internet is a horrible idea. Good luck, Payam On Sun, Mar 12, 2023 at 12:43 PM Mauro Tridici <mauro.trid...@cmcc.it> wrote: > > Dear users, > > I am a newbie and would like to know your opinion about a request I > received at work. > > I will try to describe the problem. > The company at which I work has several locations located within the same > country. The company has subscribed to an online magazine that can be > accessed after providing the public IP with which the various locations > face the public network. > > Instead of providing the various public IP addresses related to each of > the different locations, my boss proposed to set up a proxy server at the > main work location and ask all users in the company to use that proxy to > reach the magazine's site. > In this way, even company users working from home can reach the magazine's > website. > > Following are some questions: > > - In your opinion, is this a suggested or recommended solution? > - if such a solution falls within best practices, could you point me to > some links where examples of configurations are given? > - from the point of view of network security, it doesn't seem to me to be > very secure and I think that, for each of the users, we should create > credentials for access to the proxy server (e.g. through an integration > with the LDAP server), what do you think? > > I thank you in advance, > Mauro > _______________________________________________ > nginx mailing list > nginx@nginx.org > https://mailman.nginx.org/mailman/listinfo/nginx > -- Payam Tarverdyan Chychi
_______________________________________________ nginx mailing list nginx@nginx.org https://mailman.nginx.org/mailman/listinfo/nginx
