Re: [squid-users] Config: NTLM & Exceptions for specified servers?

From: Henrik Nordstrom <hno@dont-contact.us>
Date: 06 Mar 2003 16:00:28 +0100

It is a matter of the order of your http_access rules..

http_access is a ordered list of rules. The first http_access rule which
matches the request (all listed acls are true) will allow or deny the
request.

If one of the acls on the http_access line does not match the request
Squid continues with the next http_access line.

Regards
Henrik

tor 2003-03-06 klockan 15.26 skrev Sorisio,Chris:
> Hola folks,
>
> I'm attempting to configure Squid 2.5.1 to support NTLM authentication while
> allowing exceptions for specified clients.
>
> I have the NTLM authentication portion working with these snippets (though
> it only authenticates against the domain the server is in, and I need to get
> it to auth against other domains as well):
>
> auth_param ntlm program /usr/lib/squid/wb_ntlmauth
> auth_param ntlm children 5
> auth_param ntlm max_challenge_reuses 0
> auth_param ntlm max_challenge_lifetime 2 minutes
>
> external_acl_type wb_group %LOGIN /usr/lib/squid/wb_group
> acl ProxyUsers external wb_group wwwusers
>
> http_access allow ProxyUsers
>
> I also have:
>
> acl ssupp001 src 192.188.103.79/255.255.255.255
> http_access allow ssupp001
>
> Along with the usual entries for localhost.
>
> Unfortunately, wget still spits out 407 errors requiring proxy auth.
>
> Am I missing something to tell Squid to permit specified clients regardless
> of ntlm?
>
> Thanks,
>
> Chris

-- 
Henrik Nordstrom <hno@squid-cache.org>
MARA Systems AB, Sweden
Received on Thu Mar 06 2003 - 08:00:37 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:57 MST