[squid-users] Cache_peer_access, always_direct and authentication

From: Kelvin Smith (Home) <gooseleggs@dont-contact.us>
Date: Sun, 16 Mar 2003 13:48:11 +1200

I have set up basic authentication to authenticate users onto the cache.
This works well and as expected.

What I am wanting to do is direct everyone through to the parent cache
(which is content filtered) for everyone except a few users in an ACL which
I then want to go directly to the origin server, and NOT the parent cache.
I have tried the following scenarios, but to no avail

Scenario 1:
(In this scenario, I want to allow super users to go to foo.com, but all
other users will get blocked by the upstream proxy running content filtering
software)

Acl directdomains dstdomain .foo.com
acl superusers proxy_auth admin
always_direct allow directdomains superusers

Scenario 2:
acl superusers proxy_auth admin
cache_peer_access 127.0.0.1 allow !superusers

If I change the ACL of superusers to be source address etc instead of
proxy_auth, all works fine. I have turned on debugging (debug_options ALL,1
33 44,9) but this doesn't show me why. I get this error though:

2003/03/16 13:39:52| authenticateAuthenticate: no connection data, cannot
process authentication

Which sounds exactly like the problem, but unable to resolve.

Any ideas???

Kelvin Smith
Received on Sat Mar 15 2003 - 18:48:19 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:04 MST