Hey Albert, It's preferable to use an external ACL compared to reloading the squid conf in general. It will probably require to use external acl helper with the authenticated username as a detail which is being sent to the helper. Let's take an example.org squid.conf for the "project". On what ports squid listens? 80 and 443? It's a reverse proxy or a forward proxy which is defined in the client browser? An "auto" reload of squid can be done using couple of systemd triggers. If it's enough for you I can try to research how it can be done and we will go on from there. If you wish to choose the "dark" path of external_acl helper development I will also be happy to try and assist you in my spare time (which is not a lot these days). Eliezer -----Original Message----- From: Albert Shih <Albert.Shih@xxxxxxxx> Sent: Wednesday, May 8, 2024 10:55 AM To: ngtech1ltd@xxxxxxxxx Cc: squid-users@xxxxxxxxxxxxxxxxxxxxx Subject: Re: Dynamic ACL with local auth Le 06/05/2024 à 12:21:10+0300, ngtech1ltd@xxxxxxxxx a écrit Hi, > > The right way to do it is to use an external acl helper that will use some kind of database for the settings. Ok. I will check that. > The other option is to use a reloadable ACLs file. But those this reload need a restart of the service ? > But you need to clarify exactly the goal if you want more then a basic advise. Well..pretty simple task I need to build a squid server to allow/deny people access to some data (website) because those website don't support authentication. But the rule of access “allow/deny” are manage in other place through another application. So the goal is to have some «thing» who going to retrieve the «permissions» of the user and apply the ACL on squid. It's not «ultra dynamic» the modification of the permissions will occur time to time. So even a reload will do.....if the reload don't need a shutdown of squid. Thanks. Regards -- Albert SHIH 🦫 🐸 France Heure locale/Local time: mer. 08 mai 2024 09:51:00 CEST _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx https://lists.squid-cache.org/listinfo/squid-users
