RE: [squid-users] Config: NTLM & Exceptions for specified servers ?

That did the trick. Thanks!

-----Original Message-----
From: Henrik Nordstrom [mailto:hno@squid-cache.org]
Sent: Thursday, March 06, 2003 10:00 AM
To: Sorisio,Chris
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] Config: NTLM & Exceptions for specified
servers?

It is a matter of the order of your http_access rules..

http_access is a ordered list of rules. The first http_access rule which
matches the request (all listed acls are true) will allow or deny the
request.

If one of the acls on the http_access line does not match the request
Squid continues with the next http_access line.

Regards
Henrik

tor 2003-03-06 klockan 15.26 skrev Sorisio,Chris:
> Hola folks,
>
> I'm attempting to configure Squid 2.5.1 to support NTLM authentication
while
> allowing exceptions for specified clients.
>
> I have the NTLM authentication portion working with these snippets (though
> it only authenticates against the domain the server is in, and I need to
get
> it to auth against other domains as well):
>
> auth_param ntlm program /usr/lib/squid/wb_ntlmauth
> auth_param ntlm children 5
> auth_param ntlm max_challenge_reuses 0
> auth_param ntlm max_challenge_lifetime 2 minutes
>
> external_acl_type wb_group %LOGIN /usr/lib/squid/wb_group
> acl ProxyUsers external wb_group wwwusers
>
> http_access allow ProxyUsers
>
> I also have:
>
> acl ssupp001 src 192.188.103.79/255.255.255.255
> http_access allow ssupp001
>
> Along with the usual entries for localhost.
>
> Unfortunately, wget still spits out 407 errors requiring proxy auth.
>
> Am I missing something to tell Squid to permit specified clients
regardless
> of ntlm?
>
> Thanks,
>
> Chris

-- 
Henrik Nordstrom <hno@squid-cache.org>
MARA Systems AB, Sweden