RE: [squid-users] bypass msauth on cache peer parent

From: Tan, Kian Tiong <kiantiong.tan@dont-contact.us>
Date: Wed, 21 Apr 2004 16:02:30 +0800

Hi,

I am not clear of the settings given below.

Supposing I have an msnt authentication on Proxy A (parent) that MUST be
there.

And I need another msnt authentication on Proxy B (child) that can only
direct all requests to Proxy A.

My Proxy A setting:

auth_param basic program /usr/local/squid/libexec/msnt_auth
..
acl pwd proxy_auth REQUIRED
http_access allow pwd

My proxy B setting:

auth_param basic program /usr/local/squid/libexec/msnt_auth
..
cache_peer w.x.y.z parent 8080 0 no-query default
..
acl pwd proxy_auth REQUIRED
never_direct deny pwd
never_direct allow all

w.x.y.z is the IP address of Proxy B. And I do a http_access allow all,
which allow all the IP addresses in the Private network to connect to Proxy
B.

The authentication pop-up is still not working in Proxy B.

Any input will be welcome.

Rgds,
Tan

-----Original Message-----
From: Muthukumar [mailto:kmuthu_gct@hotmail.com]
Sent: Wednesday, April 21, 2004 2:55 PM
To: Tan, Kian Tiong; squid-users@squid-cache.org
Subject: Re: [squid-users] bypass msauth on cache peer parent

>
> I use the never_direct allow all on proxy B, and is not working. If I take
> out the authentication from proxy B, the authentication on Proxy A will
keep
> prompting for userid and password for several times, I key in the right
> passwords and still block from accessing internet thru proxy A.
>
Suppose a group of users to access internet directly - direct-user
On proxy B.
set this setting:

<snip>
acl direct_user proxy_auth usernames
never_direct deny direct_user
never_direct allow all
<snip>

Regards,
Muthukumar.

---
===============  It is a "Virus Free Mail" ===============
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.659 / Virus Database: 423 - Release Date: 4/15/2004
Received on Wed Apr 21 2004 - 02:01:29 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:02 MDT