J. Webster wrote:
> I have followed the tutorial here: http://wiki.squid-cache.org/SquidFaq/CacheManager
> and set up acls to access the cache manager cgi on my server. I have to access this externally for the moment as that is the only access to the server that I have (SSH or web).
> The cache manager login appears when I access: http://myexternalipaddress/cgi-bin/cachemgr.cgi
> I have set the cache manager login and password in the squid.conf
> # TAG: cache_mgr
> # Email-address of local cache manager who will receive
> # mail if the cache dies. The default is "root".
> #
> #Default:
> # cache_mgr root
> cache_mgr aaa_at_aaa.com
> cachemgr_passwd aaa all
> #Recommended minimum configuration:
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl cacheadmin src 88.xxx.xxx.xx9/255.255.255.255 #external IP address?
You don't need the /255.255.255.255 bit. Just a single IP address will do.
> acl to_localhost dst 127.0.0.0/8
> # Only allow cachemgr access from localhost
> http_access allow ncsa_users
> http_access allow manager localhost
> http_access allow manager cacheadmin
> http_access deny manager
>
> However, whenever I enter the password and select localhost port 8080 from the cgi script I get:
> The following error was encountered:
> Cache Access Denied.
> Sorry, you are not currently allowed to request:
> cache_object://localhost/
> from this cache until you have authenticated yourself.
Looks like the CGI script does its own internal access to Squid to fetch
the page data. But does not have the right login details to pass your
"http_access allow ncsa_auth" security config.
Amos
-- Please be using Current Stable Squid 2.7.STABLE7 or 3.0.STABLE23 Current Beta Squid 3.1.0.16Received on Tue Feb 09 2010 - 04:07:03 MST
This archive was generated by hypermail 2.2.0 : Wed Feb 10 2010 - 12:00:05 MST