> My preference would be to support multiple auth_param settings, selected
> by acl.
OK, I've had a stab at implementing this. I've kept the squid.conf
backwards compatible so the notation for the auth_param is now a bit
weird:
auth_param ntlm program foo
auth_param ntlm children 5 startup=5 idle=1
auth_param basic program bar
auth_param basic children 5 startup=5 idle=1
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param -n test basic program baz
auth_param -n test basic children 5 startup=5 idle=1
auth_param -n test basic realm test server
auth_param -n test basic credentialsttl 2 hours
acl authtest proxy_auth -n test REQUIRED
acl authenticated proxy_auth REQUIRED
acl me src 172.21.120.100
http_access allow me authtest
http_access allow !me authenticated
http_access deny all
The above config means that I can only do basic authentication with the
program baz and everyone else can do ntlm and basic using foo and bar.
I'm very keen for your option of the change as I've never made such a
large change to squid before, any comments and criticism will be
gratefully received.
Cheers,
-- Michael Graham <mgraham_at_bloxx.com>
This archive was generated by hypermail 2.2.0 : Sat May 29 2010 - 12:00:12 MDT