On Wed, 26 Aug 2009 17:10:27 +0200, Maik Kündig
<Maik.Kuendig@xxxxxxxxxxxxxx> wrote:
> Hello,
>
>
> Am 26.08.09 16:40, "Amos Jeffries" <squid3@xxxxxxxxxxxxx> schrieb:
>
>>> I have no idea, why I don't get it work ...
>> Have you perhapse got the concurrency= parameter of external_acl_type
>> set?
>
> No I have not set this parameter, or is there a default value to change?
> squid.conf:
> -----8<-----
> acl all src all
>
> auth_param basic program /usr/local/bin/my-auth.pl
> external_acl_type myAclType children=1 ttl=1 %SRC %LOGIN
> %{Proxy-Authorization} /usr/local/bin/foobar
> acl MyAcl external myAclType
> http_access allow MyAcl
>
> #http_access allow all
>
> # DIV
> http_port 3128
> debug_options ALL,1 82,9 4,9 28,9
>
> hosts_file /etc/hosts
> access_log /var/log/squid/access.log squid
> coredump_dir /var/spool/squid
> ----->8-----
>
>
> Thanks and best regards
>
> Maik Kündig
Okay the concurrency is fine then.
You don't seem to have any rules which deny based on auth details though
(allow lines really mean "if authenticated okay, otherwise keep checking
the other lines.")
I'd suggest:
http_access deny !MyAcl
http_access allow all
Amos
