On Wednesday 28 May 2003 04.57, Josh Dixon wrote:
> I have a strange situation, where the acls are working as designed,
> and the http_access rules are denying and allowing as requested,
> but instead of displaying an error page to the browser, it prompts
> the user for their username & password.
Yes.
What you are seeing is most likely an intentional feature of Squid. If
a request is denied by an proxy_auth type acl then Squid will request
the user to authenticate with a new username+password.
The browser only shows the returned error page if the user cancels the
authentication request.
Example where this will happen
acl somegroup proxy_auth user1 user2 user3
http_access deny somesites somegroup
If you do not want this to happen then you need to deny the request by
another type of acl. In some cases this can be done as simple as just
writing the acls in another order
http_access deny somegroup somesites
in other you may need to use a dummy "all" type acl (if you need to
combine this with detailed deny_info, then create multiple such acls,
one per deny_info message)
http_access deny somesites somegroup all
Regards
Henrik
-- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org If you need commercial Squid support or cost effective Squid or firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, info@marasystems.comReceived on Tue May 27 2003 - 22:54:00 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:17:06 MST