Truth Seeker wrote:
>
>>>> Try putting this acl
>>>>
>>>> acl Java browser Java/1.4 Java/1.5 Java/1.6
>>>> http_access allow Java
>>>>
>>>> This worked for me when using NTLauth.
>>> Thanks, though I'm not the one in need of a solution
>> and I'm not that
>> keen
>>> to give Java full unauthenticated browsing
>> rights.
>>> Perhaps Truth Seeker(?) might try that though.
>>>
>>> Am I to understand that Java is just really bad at
>> NTLM auth, so much so
>>> that people just whitelist it for unauthenticated
>> access?
>>
>> Yes.
>> Personally I recommend adding other ACL such as sources
>> which are allowed
>> to use Java in this way. To reduce the impact and security
>> holes this
>> method opens.
>>
>> Amos
>
> Well Amos, could you please give me an example acl entry to achieve what you said...
>
really you are serious? This is ultimate _basics_ ACL construction.
acl Java browser Java/1.4 Java/1.5 Java/1.6
acl localnet src 192.168.0.1/24
http_access allow localnet Java
Amos
-- Please be using Current Stable Squid 2.7.STABLE6 or 3.0.STABLE18 Current Beta Squid 3.1.0.13Received on Thu Sep 03 2009 - 07:28:00 MDT
This archive was generated by hypermail 2.2.0 : Thu Sep 03 2009 - 12:00:02 MDT