Hi,
I am trying to have users authenticate with our proxy but only for the
purpose of logging their username to keep an eye on web access.
My setup at the moment I have:
SQUID (Non-caching and Authentication) -> Dansguardian -> SQUID (Full
Caching)
All on the same box. Authentication works
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi list,
I have a question regarding proxy_auth, I hope you guys can point me
to where I am doing things wrong.
My issue is, if I use the following:
acl password proxy_auth /usr/local/squid/etc/limited
http_access deny password
and /usr/local/squid
> Hi,
>
> I am trying to have users authenticate with our proxy but only for the
> purpose of logging their username to keep an eye on web access.
>
> My setup at the moment I have:
>
> SQUID (Non-caching and Authentication) -> Dansguardian -> SQUID (Full
> Caching)
>
> All on the same box. Authent
Mark Elsen wrote:
Now I want to divert *all* our http requests through the squid box on
the network, so I only want it to authenticate if it suceeds, if that
makes sense.
No , that doesn't make sense, at all.
SQUID is designed to enforce auth. and then allow http access,
per installed rules.
>
> I am trying to capture the username individuals accessing a site are
> logged on with using ntlm_auth, not allow or deny them access. I want
> everyone to be allowed through does that make more sense? :)
>
When using ntlm_auth, your are still *enforcing* authentication,
though in that
Mark Elsen wrote:
When using ntlm_auth, your are still *enforcing* authentication,
though in that case, it's transparant for the end user (indeed).
And usernames will be logged (indeed too).
Is there a way to:
a) check authentication
b) if authentication succeeds, access proxy with those cr
> Is there a way to:
>
> a) check authentication
> b) if authentication succeeds, access proxy with those credentials
> c) if it doesn't succeed, fall back to allow anyway
>
>
Theoretically ,
acl ntlm_users proxy_auth REQUIRED (alc name assumes ntlm is
auth. scheme)
http_access
Mark Elsen wrote:
> Is there a way to:
a) check authentication
b) if authentication succeeds, access proxy with those credentials
c) if it doesn't succeed, fall back to allow anyway
Theoretically ,
acl ntlm_users proxy_auth REQUIRED (alc name assumes ntlm is
auth. scheme)
>
> Tried that one already, throws up the box asking for user/pass in IE,
> clicking cancel gives the 'cache access denied'
>
>
Which I was afraid off, because any auth. scheme in place can
only work on a fully-committed basis. So once the rule applies , you are either
allowed in or not.
I will a
Mark Elsen wrote:
Tried that one already, throws up the box asking for user/pass in IE,
clicking cancel gives the 'cache access denied'
> Which I was afraid off, because any auth. scheme in place can
only work on a fully-committed basis. So once the rule applies , you are either
allowed in or
On Tue, 2006-02-21 at 12:57 +0100, Mark Elsen wrote:
> SQUID is designed to enforce auth. and then allow http access,
> per installed rules.
Not just Squid :) It's the way HTTP is designed. Noone can work around
that
Kinkie
On Tue, 2006-02-21 at 12:35 +, Jamie Heckford wrote:
> Tried that one already, throws up the box asking for user/pass in IE,
> clicking cancel gives the 'cache access denied'
It shouldn't pop up a box, if ALL the following are true:
- squid is correctly set up and configured
- samba is corr
> Question number 2 if you don't mind, how would I setup two cache_peers
> in my squid.conf (dansguardian as one, the other squid instance as the
> other) and direct connections to the correct one based on an ACL (For
> the restricted users, and unrestricted users subnet)
>
> I have seen this cover
COULD someone provide a plain howto in allowing someone from outside called foo
to the proxy
> Hi list,
>
> I have a question regarding proxy_auth, I hope you guys can point me
> to where I am doing things wrong.
>
> My issue is, if I use the following:
>
> acl password proxy_auth /usr/local/squid/etc/limited
> http_access deny password
>
>
??
proxy_auth ; expects the name of an extern
lör 2006-03-04 klockan 08:49 +0100 skrev Mark Elsen:
> > Hi list,
> >
> > I have a question regarding proxy_auth, I hope you guys can point me
> > to where I am doing things wrong.
> >
> > My issue is, if I use the following:
> >
> > acl password proxy_auth /usr/local/squid/etc/limited
> > http_acc
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mr. Henrik,
Thanks. Things are now working as expected, what I'm missing are
the quotes in the filename. Login names are now being honored by the ACLs.
Sorry for a messy config and example, it was a non-production setup,
and I was in a kind of hurry
17 matches
Mail list logo