As I said previously, the key to success in these matters is careful
ordering of your http_access rules. The first matching rule matters,
the rest is ignored.
By ordering http_access rules using lists of acl elements basically
any combination is possible. http_access is calculated using standard
top-down shortcut logic.
Regards
Henrik
On Monday 04 August 2003 20.38, malbor@argentina.com wrote:
> Hi Henrik, thanks for your reply. But i have one server that don't
> need acces by authentication. He need access whithout any request.
> In other hands I have a list of users, that must access by
> authentication, BUT only access at one and only site.
> I'm sure you have a lot of work, but any or whatever sample you
> can give me, or url with an similar example, will be apreciated.
> Sincerely thanks.
>
> > On Sunday 03 August 2003 03.24, malbor@argentina.com wrote:
> > > Hello friends: I am new in the subject squid, I'd like help
> > > to bypass authenticacion of squid for a local direction IP
> > > (that server must leave to Internet without requesting me user
> > > and password)
> > >
> > > I d like to know too , how can leave user group access ONLY to
> > > one site (corporate) and nothing else. But the other people
> > > will must access to the rest of internet.
> >
> > You do this by allowing that server access to that site before
> > where you require others to authenticate.
> >
> > http_access is a ordered list of rules. The FIRST rule where all
> > acl names listed matches the request determines if the request is
> > to be allowed or denied.
> >
> > When Squid encounters an ACL requiring a username (proxy_auth
> > etc) it requires authentication from the user.
> >
> > What this means is that you need to create two acls, one for
> > matching the server and one for the site, then make a http_access
> > rule allowing the combination of these two somewhere before your
> > http_access rule which requires authentication.
> >
> > > Sorry for my english. I appreciate any help. Thanks to the
> > > community.
> >
> > Your english is fine. Most of us are not native english speaking.
> >
> > Regards
> > Henrik
> >
> > --
> > Donations welcome if you consider my Free Squid support helpful.
> > https://www.paypal.com/xclick/business=hno%40squid-cache.org
> >
> > If you need commercial Squid support or cost effective Squid or
> > firewall appliances please refer to MARA Systems AB, Sweden
> > http://www.marasystems.com/, info@marasystems.com
Received on Mon Aug 04 2003 - 14:01:38 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:35 MST