I'm working on setting up squid_session to point users to an acceptable use policy before they are allowed to surf and I just want to get a sanity check on my config. According the man pages (http://linuxreviews.org/man/squid_session/) and several posts (i.e. http://www.mail-archive.com/squid-users@xxxxxxxxxxxxxxx/msg45599.html) found in this archive... I should have the following lines in the TAG acl section of squid.conf: external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/lb/squid/squid_session acl session external session (note: /usr/lib/squid/ is the where squid_session was put when squid installed) Then in the TAG http_access section, I should have the following: http_access deny !session And finally in the TAG deny_info section, I place the following line: deny_info http://your.server/bannerpage?url=%s session making sure that ?url=%s follows whatever url I put there for my AUP page. However, the above settings did not force the test web client (configured to use the proxy) to view the url for the http://your.server/bannerpage page (currently a static web page to check functionality), so I changed the first line to be: external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/local/squid/libexec/squid_session -a (note the -a at the end) However, that just made the web client load the requested page really slow without loading the url I for the AUP. I don't have a database set up, I was just going to let the memory hold the session details. Why isn't it redirecting to the AUP? Any suggestions? Am I missing something obvious? Thanks. Craig L. Bowser Information Assurance Manager ------------------------------- To lead a symphony You must occasionally turn your back on the crowd. - Anonymous
