authentication and deny questionYou could try changing
http_access deny badDomain password
to
http_access deny password badDomain
Squid denies the request as soon as it knows there is a problem. This is a
speed optimisation. (If you had
http_access deny acl1 acl2 acl3 acl4 acl5
and they were all regex acl's it would chew up CPU so perform all the regex
matchs when squid knows that access will be denied after one of them
matches.
Anyway see if that helps.
Rob
----- Original Message -----
From: Drash, Jim [EESUS]
To: Squid-Users (E-mail)
Sent: Saturday, November 11, 2000 5:54 AM
Subject: [SQU] authentication and deny question
I have impelemented authentication for sites not in my domain. I also have
set of destinations that I want to deny but I want squid to prompt for
authentication even if I deny them. Here is what I have setup up
acl myDomain dstdomain .fubar.com
acl badDomain dstdomain .badguys.com .evildoers.net
acl password proxy_auth REQUIRED
http_access allow myDomain
http_access allow !badDomain password
http_access deny badDomain password
1) If I go to any of my sites, I go without being prompted for
authentication which is what I want
2) if I go to other sites not in the badDomain, I get prompted and then if
ok, then access is allowed
3) if I go to a badDomain, I get prompted for my authentication over and
over. I want the authenticatino to happen then the ERR_ACCESS_DENIED error
to be presented.
anyone one have any suggestions?
jim drash
<jdrash@eesus.jnj.com>
-- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Fri Nov 10 2000 - 17:15:41 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:56:19 MST