Re: [squid-users] Cache_peer_access, always_direct and authentication

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Sun, 16 Mar 2003 10:55:49 +0100

For this to at all have a chance of working you must be using a
Squid-2.5 nightly snapshot (or Squid-2.5.STABLE2 when released).

Squid-2.5.STABLE1 only supports the use of proxy_auth ACLs in
http_access, as documented in the release notes.

Please give the current 2.5.STABLE1 nightly shapshot a try.

  http://www.squid-cache.org/Versions/v2/2.5/

Regards
Henrik

"Kelvin Smith (Home)" wrote:
>
> I have set up basic authentication to authenticate users onto the cache.
> This works well and as expected.
>
> What I am wanting to do is direct everyone through to the parent cache
> (which is content filtered) for everyone except a few users in an ACL which
> I then want to go directly to the origin server, and NOT the parent cache.
> I have tried the following scenarios, but to no avail
>
> Scenario 1:
> (In this scenario, I want to allow super users to go to foo.com, but all
> other users will get blocked by the upstream proxy running content filtering
> software)
>
> Acl directdomains dstdomain .foo.com
> acl superusers proxy_auth admin
> always_direct allow directdomains superusers
>
> Scenario 2:
> acl superusers proxy_auth admin
> cache_peer_access 127.0.0.1 allow !superusers
>
> If I change the ACL of superusers to be source address etc instead of
> proxy_auth, all works fine. I have turned on debugging (debug_options ALL,1
> 33 44,9) but this doesn't show me why. I get this error though:
>
> 2003/03/16 13:39:52| authenticateAuthenticate: no connection data, cannot
> process authentication
>
> Which sounds exactly like the problem, but unable to resolve.
>
> Any ideas???
>
> Kelvin Smith
Received on Sun Mar 16 2003 - 02:56:32 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:04 MST