Re: [squid-users] http_access deny !password

Hi Henrik,
Thanks for the reply.
I have resolved the noisy loop with this:

http_access allow allowsite password_all
****http_access deny !password !allowsite
http_access allow password
http_access deny all

>From: Henrik Nordstrom <hno@squid-cache.org>
>To: Marco Berizzi <pupilla@hotmail.com>
>CC: squid-users@squid-cache.org
>Subject: Re: [squid-users] http_access deny !password
>Date: Tue, 11 Jun 2002 08:54:51 +0200
>
>Marco Berizzi wrote:
> >
> > Hi,
> >
> > I'm trying squid 2.5pre7.
> > I have a little problem with my acl.
> >
> > This is piece of my squid.conf
> >
> > acl allowsite dstdomain "bla bla bla"
> > acl password_all proxy_auth REQUIRED
> > acl password proxy_auth_regex -i "me you she"
> >
> > http_access allow allowsite password_all
> > http_access deny !password
> > http_access allow password
> > http_access deny all
> >
> > I want all authenticated people can access some URL
> > (kernel.org, slackware.com etc). This list is the
> > allowsite acl.
> >
> > Then I want other authenticated people (me you she)
> > can access all URL.
> > Now happens a strange thing.
> > If an authenticated people (that aren't member
> > of acl password) try to access a site with
> > external link, the browser prompt for username/password
> > box in an endless loop.
>
>Yes, this is because you deny them access with a proxy_auth acl. When
>Squid detects this it will ask for a new set of credentials enabling the
>user to log in with a user who is allowed access without having to quit
>their browser first.
>
>Regards
>Henrik

_________________________________________________________________
Join the world’s largest e-mail service with MSN Hotmail.
http://www.hotmail.com
Received on Tue Jun 11 2002 - 03:39:09 MDT