John Peterson wrote:
>
> Still having problems using the external_acl_type command. Can someone point me in the right direction. I have some example code that was working with the regular auth_param basic but I would like to use the external_acl_type because it can call the program when needed, however I'm not having any luck applying the code. Thanks for your help.
>
>
> https_port 442 defaultsite=www.tucows.com accel vhost
> cert=/squid-cert5/regobie2-c.crt
> key=/squid-cert5/squid_key.pem vhost
>
> logfile_rotate 8
>
> #both cache pools go to the same server, but we want to
> control how people access the site via the #acl lists. On
> port 443 they need a CAC, on 442 they can login via the sql
> server.
> #cache for server test.com
>
> visible_hostname proxy
> #auth_param basic program /usr/bin/php
> /usr/local/squid/libexec/squid_php_auth.php
> #auth_param basic children 40
> #auth_param basic realm proxy_auth
> #auth_param basic credentialsttl 2 hours
> external_acl_type MyAclHelper %LOGIN /usr/bin/php
> /usr/local/squid/libexec/squid_php_auth.php
The %LOGIN option requires auth_param settings setup to do the login.
Which is then passed to the external helper.
It looks to me like the auth_param details are what you were wanting.
However I notice there are no http_access lines using the port ACL. This
may be where your testing shows bad results.
> acl proxyauth external MyAclHelper
> #acl proxyauth proxy_auth REQUIRED
>
> acl noport2 myport 443
> #acl Auth proxy_auth REQUIRED
> acl noport myport 442
> #this acl is just assiging a acl name to the test.com
> location. We will use this acl name in the #http_access
> section. We can also combine acl lists together.
>
> cache_peer www.tucows.com parent 80 0 no-query originserver
> login=PASS name=www.tucows.com
> acl site3 dstdomain www.tucows.com
> cache_peer_access www.tucows.com allow site3
> #http_access allow site3
> http_access allow site3 proxyauth
> #http_access allow site3 Auth
>
> #acl all src 0.0.0.0/0.0.0.0
>
> http_access deny all
> debug_options ALL,1 32,2
> cache_effective_user squid
> cache_effective_group squid
> cache_access_log /usr/local/squid/var/logs/access.log
>
>
>
Amos
-- Please be using Current Stable Squid 2.7.STABLE7 or 3.0.STABLE20 Current Beta Squid 3.1.0.15Received on Thu Dec 31 2009 - 04:45:10 MST
This archive was generated by hypermail 2.2.0 : Thu Dec 31 2009 - 12:00:02 MST