Hello again Henrik
Thank you for your answer. My understanding of "deny_info" (with
relation to "http_access deny") was just insufficient...
It might look a little redundant, but according to Scott's advice
I guess an appropriate squid.conf would be as follows:
--- my squid.conf --
deny_info ERR_USER_AUTH_FAILED user_auth_acl
deny_info ERR_MYACL_FAILED myacl
http_access allow user_auth_acl myacl
http_access deny !user_auth_acl
http_access deny !myacl
http_access deny all
--- my squid.conf --
Thanks again.
Regards,
Norio
> > In case 1. below, squid shows ERR_USER_AUTH_FAILED for user_auth_acl,
> > however it shows not ERR_MYACL_FAILED but just ERR_ACCESS_DENIED for myacl...
>
> This is because you never deny requests by "myacl". Only "user_auth_acl"
> (by not being authenticated yet) or the "all" acl when falling thru to the
> "deny all" line.
>
> deny_info works by the acl which was active then the request was denied,
> which makes it match two kinds of acls:
>
> a) The last acl on an http_access deny line
>
> b) An authentication related acl when the user is not yet authenticated as
> this implicitly denies access to request the user to log in.
>
> Regards
> Henrik
Received on Tue Feb 01 2005 - 20:29:02 MST
This archive was generated by hypermail pre-2.1.9 : Tue Mar 01 2005 - 12:00:01 MST