Hello everyone, I am having a difficult time. I am not just trying to do something similar to http://wiki.squid-cache.org/ConfigExamples/Authenticate/Bypass, but without blocking most sites for unauthenticated users. The sites I need to block except for certain groups / authentication, etc., are not known at http_access time, only at http_reply_access time. Because of this, I am not sure how to trigger the negotiate process and not block authenticated users. The below does not work. I am not sure why it doesn't, but it does block on access control / authentication for all web sites, not just the category blocked (yes, I left the deny on http_reply_access out below, but it exists). auth_param negotiate program /usr/lib64/squid/negotiate_kerberos_auth auth_param negotiate children 10 auth_param negotiate keep_alive on acl authenticated_users proxy_auth http_access allow !authenticated_users all http_access allow authenticated_users all http_reply_access allow TextConfidenceSolid SOME_ACL authenticated_users http_reply_access allow TextConfidenceSolid ANOTHER_ACL authenticated_users I would greatly appreciate any help in figuring this out. Thank you, Trever
Attachment:
signature.asc
Description: OpenPGP digital signature
