On 17/12/10 23:23, Nick Cairncross wrote:
> Hi List,
>
> A quick Delay Pool question..and a favour..
>
> Currently using basic Delay Pool configuration for users:
>
> delay_class 1 4
> delay_parameters 1 -1/-1 -1/-1 -1/-1 2000000/2000000
Careful with those big numbers. They are in *bytes* and only the recent
versions of Squid can cope with >32-bit values.
> delay_access 1 allow !SERVERSUBNETS AuthenticatedUsers
> delay_access 1 deny all
>
> Users authenticate via Kerberos, NTLM and then Basic (in that order)
>
> My question is; by using AuthenticatedUsers does that require another authentication or is the original one re-used from my acl (acl AuthenticatedUsers proxy_auth REQUIRED) and http_access rule (http_access allow AuthenticatedUsers).
auth happens only once per request. As long as its checked in
http_access delay pools can use the results. delay pools is a "fast"
category test so does not challenge for credentials on its own, and will
not match if they are unknown or missing at the time of pool assignment.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.9 Beta testers wanted for 3.2.0.3Received on Fri Dec 17 2010 - 13:25:38 MST
This archive was generated by hypermail 2.2.0 : Tue Dec 21 2010 - 12:00:03 MST