Feature: Display proxy-auth user name on error page

From: Sean Burford <sean.burford@dont-contact.us>
Date: Wed, 11 Jul 2001 09:22:57 +0930

Hi,

I would like to be able to output the request proxy auth user name on
the error page, so that I can determine the cause of the failure (ie,
check the blocked access flag for the user) using a CGI and give the
user a useful error page.

The attached patch (against 2.2 stable5, also works with 2.4 stable1)
adds a %r variable, that implements what I have suggested above.

A sample usage of this is:

<html>
<head>
   <meta http-equiv="REFRESH" content="1;
url="http://127.0.0.1/cgi-bin/axsdenied?user=%r">
</head>
<body>
Please wait... If are being automatically transferred to a
<A HREF="http://127.0.0.1/cgi-bin/axsdenied?user=%r">different page</A>.
</body>
</html>

The alternative is to use two ACLS, eg:
acl check_access_flag ...
acl authenticated_with_ldap ...
deny_info ERR_BAD_PASSWORD authenticated_with_ldap
deny_info ERR_NO_ACCESS check_access_flag
http_access allow check_access_flag authenticated_with_ldap
This is not an optimal solution as it would require two requests to the
LDAP database.

Please review, and submit to CVS if appropriate.

Sean

Only in squid.mod/auth_modules/getpwnam: Makefile
Only in squid.mod/src: .errorpage.c.swp
diff -u -r squid-2.2.STABLE5/src/errorpage.c squid.mod/src/errorpage.c
--- squid-2.2.STABLE5/src/errorpage.c Wed Jul 11 08:57:57 2001
+++ squid.mod/src/errorpage.c Wed Jul 11 08:48:49 2001
@@ -403,6 +403,7 @@
  * M - Request Method x
  * p - URL port # x
  * P - Protocol x
+ * r - User Ident (From proxy-auth or ident) x
  * R - Full HTTP Request x
  * S - squid signature from ERR_SIGNATURE x
  * s - caching proxy software with version x
@@ -486,6 +487,9 @@
         break;
     case 'P':
         p = r ? ProtocolStr[r->protocol] : "[unkown protocol]";
+ break;
+ case 'r':
+ p = r ? r->user_ident : "[unknown user]";
         break;
     case 'R':
         if (NULL != r) {
Received on Wed Jul 11 2001 - 15:23:11 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:14:06 MST