Search squid archive

Brief Flash of CACHE_ACCESS_DENIED on 302 (yahoo.com)‏

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


Hello Squid Users,

Here is my problem: For our proxy_auth users, yahoo.com briefly flashes a CACHE_ACCESS_DENIED error before showing the page. Is there something I am not understanding about 302 Redirects? I am an old time squid users, I did not face this issue with older squids.

I tried all variations of http_access and can't get rid of CACHE_ACCESS_DENIED flashes on yahoo.com with authenticated users.

Squid: 3.1.0.14
RHEL 5.4 x86_64
IE7
proxy_auth NCSA_AUTH basic

NOTE: All acl's related to local ips / localhost, etc are removed for the sake of simplicity in testing.

Thanks in advance for your help!

Jen


./squidclient -h 127.0.0.1 -u TEST -w TEST -p 3128 http://www.yahoo.com
HTTP/1.0 302 Moved Temporarily
Date: Sun, 22 Nov 2009 20:05:51 GMT
Location: http://m.www.yahoo.com/

The document has moved here.

2009/11/23 00:07:47.587| Ready to serve requests.
2009/11/23 00:07:48.176| storeLateRelease: released 0 objects
2009/11/23 00:07:55.334| The request GET http://www.yahoo.com is DENIED, because it matched 'WANUSERS'
2009/11/23 00:07:55.336| errorpage.cc(1038) BuildContent: No existing error page language negotiated for ERR_CACHE_ACCESS_DENIED. Using default error file.
2009/11/23 00:07:55.340| The reply for GET http://www.yahoo.com is ALLOWED, because it matched 'all'
2009/11/23 00:07:55.344| ConnStateData::swanSong: FD 6
2009/11/23 00:08:33.132| authenticateAuthUserAddIp: user 'TEST' has been seen at a new IP address (127.0.0.1:5199)
2009/11/23 00:08:33.132| The request GET http://www.yahoo.com is ALLOWED, because it matched 'WANUSERS'
2009/11/23 00:08:33.172| The reply for GET http://www.yahoo.com/ is ALLOWED, because it matched 'all'


./squidclient -h 127.0.0.1 -u TEST -w TEST -p 3128 http://www.google.com
HTTP/1.0 200 OK
Date: Sun, 22 Nov 2009 20:09:22 GMT


2009/11/23 00:10:03.829| The request GET http://www.google.com is ALLOWED, because it matched 'WANUSERS'
2009/11/23 00:10:03.875| The reply for GET http://www.google.com/ is ALLOWED, because it matched 'all'



acl WANUSERS proxy_auth REQUIRED
acl BADGUYS proxy_auth "/squid/BADGUYS"
acl ERR_BADGUYS src 0.0.0.0/0.0.0.0

http_access allow WANUSERS !BADGUYS all
http_access deny BADGUYS ERR_BADGUYS
http_access deny !WANUSERS all

deny_info ERR_BADGUYS ERR_BADGUYS 		 	   		  
_________________________________________________________________
Hotmail: Trusted email with powerful SPAM protection.
http://clk.atdmt.com/GBL/go/177141665/direct/01/
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux