RE: Differentiating authenticated and non-authenticated users?

Sun, 30 Mar 2003 08:13:51 -0800 

> How can I set up two sets of rules for user that have authenticated 
> and those who have not?
> 
> In our environment we have users that can surf as they like and 
> users that ara limited to small amount of usefull sites like banks 
> etc. We call these sites open sites and they are defined for squid 
> to be accessed without authentication. All other sites will ask for 
> authentication.

logdir /usr/local/squidGuard/log
dbhome /usr/local/squidGuard/db

src authusers {
      userlist    filename
}

dest porn {
      domainlist        porn/domains
      urllist           porn/urls
      redirect          http://yourserver.com/whatever
      log               blocked.log
}

dest pornexp {
      expressionlist    porn/expressions
      redirect          http://yourserver.com/whatever
      log               blocked.log
}
.
other source groups
.

dest opensites {
      domainlist        opensites/domains
      urllist           opensites/urls
}

acl {
      authusers {
           pass opensites !porn !pornexp .... all
      }

      default {
           pass opensites none
      redirect          http://yourserver.com/whatever
      log               blocked.log
        }
}

---------------------------------

> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of
> [EMAIL PROTECTED]
> Sent: Sunday, March 30, 2003 6:56 AM
> To: [EMAIL PROTECTED]
> Subject: Differentiating authenticated and non-authenticated users?
> 
> 
> Hi
> 
> I spent a day reading documents and FAQ and googling internet but no luck
> to this question:
> 
> How can I set up two sets of rules for user that have authenticated and
> those who have not?
> 
> In our environment we have users that can surf as they like and users that
> ara limited to small amount of usefull sites like banks etc. We call these
> sites open sites and they are defined for squid to be accessed without
> authentication. All other sites will ask for authentication.
> 
> I tried to define it like this as the username shows up as - on those users
> that have not authenticated:
> 
> src opensiteusers {
>     user  -
>     log    opensiteusers.log
> }
> 
> this causes squidGuard to go in the emergency mode because of a syntax
> error in the user line.
> 
> 
> I looked at the sources and patched the sgDiv.c file, parseLine function to
> convert the "-" to "anon"
> and got it working:
> 
> src opensiteusers {
>     user  anon
>     log    opensiteusers.log
> }
> 
> , but is there an easier way?
> 
> Also, it seems that usernames have a size limit, as I tried anonymous
> instead of anon first, but that also puts sG to emergency mode. Is this
> true and if it is true what is the limit?
> 
> 
> Regards
> Antti Vahalummukka
> 
> 
>

Reply via email to