Search squid archive

proxy_auth authentication exemption problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi list,
I have a simple user based authentication using ncsa_auth, and the same time excluding authentication for some users using src IP address. This works fine. until i have a requirement which needs to ban some websites but not from some authenticated users.
so my previous squid.conf is like this, and this works on the exemption of the user1, user2, and user3 from authenticating while prompting for others: 
---------------------------------------------------------
acl banned dstdomain "/usr/local/etc/squid/banned.txt"
auth_param basic program /usr/local/libexec/ncsa_auth /usr/local/etc/squid/htpasswd 
auth_param basic children 50
auth_param basic realm my domain
auth_param basic credentialsttl 2 hours

#acl of excempted IPs from authenticating using ncsa_auth
acl user1 src 192.168.1.1/255.255.255.255
acl user2 src 192.168.1.2/255.255.255.255
acl user3 src 192.168.1.3/255.255.255.255
acl password proxy_auth REQUIRED

http_access allow user1
http_access allow user2
http_access allow user3

http_access deny banned
never_direct allow all
never_direct allow password
------------------------------------


But when I tried to change the squid.conf to:
------------------------------------
acl banned dstdomain "/usr/local/etc/squid/banned.txt"
auth_param basic program /usr/local/libexec/ncsa_auth /usr/local/etc/squid/htpasswd 
auth_param basic children 50
auth_param basic realm my domain
auth_param basic credentialsttl 2 hours

#acl of excempted IPs from authenticating using ncsa_auth
acl user1 src 192.168.1.1/255.255.255.255
acl user2 src 192.168.1.2/255.255.255.255
acl user3 src 192.168.1.3/255.255.255.255
acl user4 proxy_auth username4  <--
acl user5 proxy_auth username5 <--
acl password proxy_auth REQUIRED

http_access allow user1
http_access allow user2
http_access allow user3

http_access allow user4 banned <--
http_access allow user5 banned <--
http_access deny banned
never_direct allow all
never_direct allow password
-------------------------------------
All users are then prompted for authentication including user1, user2 and user3, there's no more exclusion in the ncsa_auth authentication. 
Where did I go wrong? any hints or tip is greatly appreciated.


regards,
Kenneth
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux