We have 12 locations in our Intranet with all internet blocked except for a few selected websites. Some users need full access to the Internet. They use thin clients to a Debian server and are configured to access select sites through our Squid Proxy. Since we use one server per location, I cannot configure specific IP addresses from each client. The Proxy sees only the server IP.

I think using User:Password Authentication would be the plausible solution. I need to know if it is possible to use User:Password authentication only when needed. Following the rules of the ACL, I need it only to prompt for username and password when the conditions are not met. I do not want it to prompt for user/password every time someone uses their web browser.

I understand that you must add the following to the squid.conf file.

    authenticate_program /usr/local/squid/bin/ncsa_auth /usr/local/squid/etc/passwd

Can it be placed as an ACL condition when my existing conditions are not met?

Regards,
Jason