> Hello, > > i need to solve following problem. > I have an ldap-server, which i use to authenticate the user. > If the user is in the group, he has access to the group A. If the > authentications fails, he has access to the group B. > > Can anyone tell me, how i can solve this problem. > > I have already have an authentication, but the problem is, that if the > user tries to authenticate, but he has no rights, the > authentication-window > comes again and again. But the user has to be in the group > to_domains_without_auth and the other domains should be blocked. > > So, the relevant code looks like: > > auth_param basic program /etc/squid/ldapauth.pl > acl for_inetusers proxy_auth REQUIRED > > acl to_domains_without_auth dstdomain > "/var/ipcop/proxy/advanced/acls/dst_noauth > .acl" > > > Can anyone help me? > Check the order of http_access * lines in your squid.conf. They are processed in order, and for_inetusers needs to be preceeded by any ACL that allow people through without Auth. For example: http_access allow anybody_without_auth http_access allow for_inetusers http_access deny all Amos
