[squid-users] help with external_acl_type for php auth

From: John Peterson <johnp125_at_yahoo.com>
Date: Tue, 29 Dec 2009 06:55:12 -0800 (PST)

Still having problems using the external_acl_type command. Can someone point me in the right direction. I have some example code that was working with the regular auth_param basic but I would like to use the external_acl_type because it can call the program when needed, however I'm not having any luck applying the code. Thanks for your help.

https_port 442 defaultsite=www.tucows.com accel vhost
cert=/squid-cert5/regobie2-c.crt
key=/squid-cert5/squid_key.pem vhost

logfile_rotate 8

#both cache pools go to the same server, but we want to
control how people access the site via the #acl lists. On
port 443 they need a CAC, on 442 they can login via the sql
server.
#cache for server test.com

visible_hostname proxy
#auth_param basic program /usr/bin/php
/usr/local/squid/libexec/squid_php_auth.php
#auth_param basic children 40
#auth_param basic realm proxy_auth
#auth_param basic credentialsttl 2 hours
external_acl_type MyAclHelper %LOGIN /usr/bin/php
/usr/local/squid/libexec/squid_php_auth.php
acl proxyauth external MyAclHelper
#acl proxyauth proxy_auth REQUIRED

acl noport2 myport 443
#acl Auth proxy_auth REQUIRED
acl noport myport 442
#this acl is just assiging a acl name to the test.com
location. We will use this acl name in the #http_access
section. We can also combine acl lists together.

cache_peer www.tucows.com parent 80 0 no-query originserver
login=PASS name=www.tucows.com
acl site3 dstdomain www.tucows.com
cache_peer_access www.tucows.com allow site3
#http_access allow site3
http_access allow site3 proxyauth
#http_access allow site3 Auth

#acl all src 0.0.0.0/0.0.0.0

http_access deny all
debug_options ALL,1 32,2
cache_effective_user squid
cache_effective_group squid
cache_access_log /usr/local/squid/var/logs/access.log

      
Received on Tue Dec 29 2009 - 14:55:22 MST

This archive was generated by hypermail 2.2.0 : Thu Dec 31 2009 - 12:00:02 MST