Dave Coventry wrote:
> Hi,
>
> I was hoping to replace the ERR_ACCESS_DENIED page with a logon page
> which could authenticate the user against a password. It doesn't need
> to be very secure.
>
> The problem is that the logon page cannot call the required CGI
> scripts from /usr/local/squid/share/errors/English/
>
> Attempting to place the logon page in "/var/www/apache2-default/"
> using "deny_info /var/www/apache2-default/login.html ipauthACL"
> generates this error:
>
>
> 2008/03/12 13:33:33| errorTryLoadText:
> '/usr/local/squid/share/errors/English//var/www/apache2-default/login.html':
> (2) No such file or directory
>
> Using "deny_info http://localhost/login.html ipauthACL" or "deny_info
> http:/192.168.60.254/login.html ipauthACL" appears to work, but
> subsequent calls to (say) "cgi-bin/auth.pl" are appended onto the
> original URL. For example, if the user requests "www.toyota.co.za",
> "www.toyota.co.za/cgi-bin/auth.pl" is returned.
>
> Is there any way of modifying this behavior?
By hosting the cgi on a web server that can run it and pointing
deny_info at the URI.
You may need to setup a deny_info for each ACL you plan on using to
block access.
Amos
-- Please use Squid 2.6STABLE17+ or 3.0STABLE1+ There are serious security advisories out on all earlier releases.Received on Thu Mar 13 2008 - 03:14:34 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Apr 01 2008 - 13:00:05 MDT