On Wednesday 29 May 2002 01:48, Alex Petrov wrote:
> HN> http_access deny all +U
> hmm and how it save in already existing structures ?
> I must look in code...
Changing the internal structure of http_access to support this is no
big deal.
>> Correct. authentication is given a higher priority than ident
>> in such case as the authenticated user id is more reliable
>> than ident..
>
> But in life one didn't exclude other, and your solutions
> also allow ppl to break security, steeling proxy passwords on unix
> one machine between different users is more then real.
Yes, we know this, and is why there is a project to make Squid's log
format customizable.
See http://devel.squid-cache.org/custom_log/
> Bandwidth & accounting control is still very useful and required
> features. Bandwidth already realized in squid,
> but accounting I think still missing.
True, and is something we hope to address at some time in the future.
There is two issues one needs to consider when doing this
a) What constitutes a "user" for the accounting. In some
configurations this is an IP address, in some it is a authenticated
userid, and in a few it is ident. Some may wants to combine IP and
userid/ident..
b) If doing time accounting, one must also define what constitutes a
session.
>> and please keep design discussions
>> cc: squid-dev@squid-cache.org
> Should I join to this list before ?
Should not be needed, but your messages will appear quicker if you are
subscribed (unsubscribed posts are moderated).
Regards
Henrik
Received on Wed May 29 2002 - 02:36:24 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:15:31 MST