Hi,
At 16.16 25/04/2005, Jeroen DEMETS - SAVACO wrote:
> >What user do you use to login on IIS ? It seems that it must have
> >administrators privilege to allow cachemgr to run.
>
>Yep, that's it!
>
>I first used IE to browse to the page and this browser can use
>integrated authentication towards the webpage. IE automatically
>authenticated me on the loginpage for cachemgr as a non-admin-user.
>
>I disabled integrated authentication and allowed only basic. It appears
>that only administrators can access the page.
>
>I will configure Squid to only allow access from the localhost as basic
>authentication isn't really safe.
>
>Thanks for helping out!
You can still use integrated authentication with auth prompting when using
a non administrators users changing the cachemgr.cgi file ACL.
If you remove all users except Administrators and System, you will be prompted.
All problems comes from the new IIS6 process isolation: the cgi application
is not allowed to do something external to its process context when is
running as a normal user.
I think that is possible to change this behaviour in IIS6, but I still
don't have more investigated the problem.
Regards
Guido
-
========================================================
Guido Serassio
Acme Consulting S.r.l. - Microsoft Certified Partner
Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY
Tel. : +39.011.9530135 Fax. : +39.011.9781115
Email: guido.serassio@acmeconsulting.it
WWW: http://www.acmeconsulting.it/
Received on Mon Apr 25 2005 - 08:32:15 MDT
This archive was generated by hypermail pre-2.1.9 : Sun May 01 2005 - 12:00:04 MDT