RE: [squid-users] Allow connect specify https website without ncsa authentication

-----Original Message-----
From: Muthukumar [mailto:kmuthu_gct@hotmail.com]
Sent: Tuesday, June 15, 2004 3:49 PM
To: Niti Lohwithee; squid-users@squid-cache.org
Cc: Chettha Nitipongvanich
Subject: Re: [squid-users] Allow connect specify https website without
ncsa authentication

[authen section]
auth_param basic program /squid/bin/ncsa_auth /squid/etc/passwd

[acl section]

acl SSL_Ports 443
acl host_allowed src "/squid/etc/host_allowed.txt"
acl passwd proxy_auth REQUIRED
acl special_domain dstdomain "/squid/etc/special_domain.txt"

[http access section]
http_access allow yyyy yyyyyy
.....
http_access allow xxxxx xxxxxxxx
http_access allow host_all passwd

File [special_domain.txt]
             .tac.co.th

File host_allow = all Intranet ip address

The above details configuration file of squid.conf. My requirements
want everyone connect to ssl website namely
https://sonic2.tac.co.th/bp3/bin/Index without a authentication. The
defaut users must authenication using last rule of http_access.

The last rule base that is "http_access allow host_allowed passwd "
means require user name

>>>>>>>>

[Reply]

    I hope your authentication method is working fine. Else check this
with command line procedure.

    Change your squid.conf as

    ---- squid.conf ----
    # http_access settings

    .....< other settings without effecting the following settings>....

    # Allow all to access https sites
    http_access allow SSL_Ports

    # Authentication for Intranet ip address with the default usership
    http_access allow host_allowed passwd

    # Deny access by default to end up
    http_access deny all

Regards,
Muthukumar.

        I would allow https for special_domain only. For another
domain,the user must authentication.
But, The above config allows all domain for ssl service.

Regards
Niti : )
Received on Tue Jun 15 2004 - 03:16:42 MDT