Still not working...OK I have:
external_acl_type propel_header_auth %{Hdr:member} /etc
/squid/ident.sh x-pun:user#
Is the "%{Hdr:member}" exactly what I need there? And is
"x-pun:user" needed on the end (x-pun is the header name)?
How is the header looked up and passed to the ident.sh program?
# acl propel_auth external propel_header_auth x-pun #
I assume I need something on the end - is the header name correct or should it be "user" or REQUIRED?
# http_access allow propel_auth http_access deny all #
How do I make this required? I can run ident.sh and it works like it should and I see there is 5 processed started using ps -ax so I know squid is looking at it.
Thank You for your help!
Ryan Lamberton
----- Original Message ----- From: "Henrik Nordstrom" <hno@xxxxxxxxxxxxxxx>
To: "Ryan Lamberton" <ryan@xxxxxxxxxxxx>
Cc: "Henrik Nordstrom" <hno@xxxxxxxxxxxxxxx>; <squid-users@xxxxxxxxxxxxxxx>
Sent: Monday, May 09, 2005 11:15 PM
Subject: Re: [squid-users] external_acl_type with http request header question
On Mon, 9 May 2005, Ryan Lamberton wrote:
Sorry, I had:
external_acl_type propel_header_auth %{Hdr:member} /etc /squid/ident.sh x-pun:user
acl propel_header_auth ident REQUIRED
http_access allow propel_header_auth
you need an acl using the external_acl_type..
acl propel_header_auth external propel_header_auth
After this acl has been evaluated in http_access you may use ident acls to match specific user names if desired. You should not use an ident acl otherwise.
Regards
Henrik
