Search squid archive

Re: Bypass NTLM authentication on regex in URL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



ons 2009-07-22 klockan 04:54 -0700 skrev Nickcx:
> can give more details on what I see in the logs but basically on the BC and
> ISA I add a rule to bypass authentication if the URL contains '/open/1' or
> http://*:1935/. 

And you can easily do the same in Squid. Just keep your order of
http_access rules right.

acl open1 urlpath_regex ^/open/1
acl port1935 port 1935

http_access allow open1
http_access allow port1935

before where you allow access.


But please DO NOT change the "all" acl from the default src 0.0.0.0/0.
There is several built-in default rules which assumes the suggested
default settting of all and those will behave strangely unless you
override those as well.

insetad use

acl all src 0.0.0.0/0
acl users proxy_auth REQUIRED

or something like that.

> 1248263503.555     13 172.16.0.57 TCP_DENIED/403 1471 POST
> http://92.122.125.63/open/1 - NONE/- text/html

Hmm.. TCP_DENIED/403.. that's "Forbidden", not "Authentication
required"...  MAY be related to your modification of "all".

Regards
Henrik


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux