Hi Amos, The configuration I post last time still cannot accomplish the tasks. So, you mean the "CONNECT" ACL and must pair with normal "GET" command ACL to be evaluated by squid ? Best, Kelvin Yip -----Original Message----- From: squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Amos Jeffries Sent: Friday, November 07, 2014 4:29 PM To: squid-users@xxxxxxxxxxxxxxxxxxxxx Subject: Re: Squid ACL, SSL-BUMP and authentication questions -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 7/11/2014 8:35 p.m., squid-list wrote: > Hi, * **"Access to google maps(https://www.google.com/maps) should > prevent any authentication need"* > > I could understand that all users should be able to access the google > maps link without any authentication. For this you could add the site > acl before the authentication part in the squid conf. So that users > will not prompt for the authentication when the user try to access the > google map site. But when they try to access any other site > authentication will be prompted. This cannot be done. You can authenticate the user setting up a CONNECT tunnel, OR you can bypass authentication for them. That authentication choice applies equally all requests sent over the tunnel. Whether they are for maps or for any other Google service. And it must be made *before* the tunnel is setup. Thus *before* the URL inside the tunnel becomes known. Amos -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJUXIKwAAoJELJo5wb/XPRjMoMH/2yCMjxisbxWBAYnp+96908O W46taJk7kqwUbtv76aOsSEcPpc3cBl4E+nFv7cQofRqgobcR2wTsJtgRupjuIgSb SYPQKqJolbs/7wF5nhxbggewSfRU7B21aULKStkXV7BUWNlUIaV1vUsv+J1JV8OP U/HkcVeXny1khCjF9nEKeXNUpOioUQ0LpPboAOrLnfZZfY098NkGubJF04/stUCQ QXIErZ8cwX7yJ1x+yIwlVw4KVbtGaBJ8dd8PH4q3DknzAVxfJ0LZgYJC3nKTQMZ3 vUTMV33Rf94Y9x/yNrs6AVWcR3rLl08GkpFv3owqItkHa1hi7yFCuEg5e3bOFFA= =AMi0 -----END PGP SIGNATURE----- _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
