On 20/03/11 06:12, Mindaugas Žakšauskas wrote:
Hi,
I am trying to implement custom authenticator for Squid by having something like
auth_param basic program my_authenticator.sh
in the /etc/squid3/squid.conf file. It all works fine, but I want to
make an improvement.
What I want to do is to explain users why they have been denied the
service. According to Squid documentation, this is quite possible:
"ERR" responses may optionally be followed by a error description available as %m in the returned error page.
So in my authenticator I tried to output
ERR You have been browsing too much, come back in 24 hours
instead of just ERR but the browser pop up did not have this text.
Can anyone explain what does %m stand for or point to any example how
to use this?
Your usage and the documentation was correct.
What you will find if you look at the HTTP protocol is that Squid sends
HTTP headers requesting Basic auth credentials. Along with that is an
HTML page containing your message text.
Modern browsers these days do not trust any third-party software to
supply safe display pages for certain things. The noticeable ones being
display text for authentication popups or error response text for
CONNECT requests.
Your message will only show up for browsers which do not support the
requested auth type. Or those which are smart enough to detect that no
available credentials will work (this is rare since they all have that
popup as a last-ditch backup).
So... its a feature mostly useful for manual testing with tools like
squidclient, nc or telnet where the text is always displayed.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.11
Beta testers wanted for 3.2.0.5
