Dave Coventry wrote:
Hi, I was hoping to replace the ERR_ACCESS_DENIED page with a logon page which could authenticate the user against a password. It doesn't need to be very secure. The problem is that the logon page cannot call the required CGI scripts from /usr/local/squid/share/errors/English/ Attempting to place the logon page in "/var/www/apache2-default/" using "deny_info /var/www/apache2-default/login.html ipauthACL" generates this error: 2008/03/12 13:33:33| errorTryLoadText: '/usr/local/squid/share/errors/English//var/www/apache2-default/login.html': (2) No such file or directory Using "deny_info http://localhost/login.html ipauthACL" or "deny_info http:/192.168.60.254/login.html ipauthACL" appears to work, but subsequent calls to (say) "cgi-bin/auth.pl" are appended onto the original URL. For example, if the user requests "www.toyota.co.za", "www.toyota.co.za/cgi-bin/auth.pl" is returned. Is there any way of modifying this behavior?
By hosting the cgi on a web server that can run it and pointing deny_info at the URI. You may need to setup a deny_info for each ACL you plan on using to block access.
Amos -- Please use Squid 2.6STABLE17+ or 3.0STABLE1+ There are serious security advisories out on all earlier releases.
