I am new to squid and I try to understand how squid has to be configured for authentication and authorisation. For example if I want to authenticate a user with NTLM or Negotiate and authorise depending on ldap group memberships. I was thinking that I need: auth_param ntlm program /path/to/samba/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm keep_alive on auth_param ntlm children 5 external_acl_type ldap_group ttl=3600 negative_ttl=3600 children=5 %LOGIN /path/to/helper url=ldap://server.com bind=DC=SERVER,DC=COM acl ntlm proxy_auth REQUIRED acl ldap_check external ldap_group SQUID_USER http_access allow ldap_check # And finally deny all other access to this proxy http_access deny all What I was wondering is how does the authentication helper get invoked ? Do I need also http_access allow ntlm or will ldap_check know that ntlm authentication has to be invoked to get %LOGIN details ? Thank you Markus
