Search squid archive

Re: help with external_acl_type for php auth

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

John Peterson wrote:


Still having problems using the external_acl_type command. Can someone point me in the right direction. I have some example code that was working with the regular auth_param basic but I would like to use the external_acl_type because it can call the program when needed, however I'm not having any luck applying the code. Thanks for your help.


https_port 442 defaultsite=www.tucows.com accel vhost
cert=/squid-cert5/regobie2-c.crt
key=/squid-cert5/squid_key.pem vhost

logfile_rotate 8

#both cache pools go to the same server, but we want to
control how people access the site via the #acl lists. On
port 443 they need a CAC, on 442 they can login via the sql
server.
#cache for server test.com

visible_hostname proxy
#auth_param basic program /usr/bin/php
/usr/local/squid/libexec/squid_php_auth.php
#auth_param basic children 40
#auth_param basic realm proxy_auth
#auth_param basic credentialsttl 2 hours
external_acl_type MyAclHelper %LOGIN /usr/bin/php
/usr/local/squid/libexec/squid_php_auth.php
The %LOGIN option requires auth_param settings setup to do the login. Which is then passed to the external helper.
It looks to me like the auth_param details are what you were wanting. However I notice there are no http_access lines using the port ACL. This may be where your testing shows bad results. 



acl proxyauth external MyAclHelper
#acl proxyauth proxy_auth REQUIRED

acl noport2 myport 443
#acl Auth proxy_auth REQUIRED
acl noport myport 442
#this acl is just assiging a acl name to the test.com
location. We will use this acl name in the #http_access
section. We can also combine acl lists together.

cache_peer www.tucows.com parent 80 0 no-query originserver
login=PASS name=www.tucows.com
acl site3 dstdomain www.tucows.com
cache_peer_access www.tucows.com allow site3
#http_access allow site3
http_access allow site3 proxyauth
#http_access allow site3 Auth

#acl all src 0.0.0.0/0.0.0.0

http_access deny all
debug_options ALL,1 32,2
cache_effective_user squid
cache_effective_group squid
cache_access_log /usr/local/squid/var/logs/access.log




Amos
--
Please be using
  Current Stable Squid 2.7.STABLE7 or 3.0.STABLE20
  Current Beta Squid 3.1.0.15
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux