Re: [squid-users] If not authenticated don�t ask for it. from Henrik Nordstrom on 2007-05-09 (squid-users)

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Wed, 09 May 2007 20:21:49 +0200

ons 2007-05-09 klockan 14:25 +0200 skrev Patrik Hansson:
> Hello.
>
> I´v just gotten squid installed and working with NTLM and AD Groups.
>
> What i whant is to block some files for normal users, like .exe, .zip
> and so on but give admins the right to download them.
>
> I made two AD groups named "allowinet" and "admininet".
> If a normal user is trying to download an .exe he gets presented with
> a login dialog.
> I don´t whant that..i whant my "NOTE_FILETYPES_FILTERED" displayed to
> the user directly.

Then the last acl on the http_access deny line must not be related to
logins.

Example:

if you have

http_access deny downloads normalusers

you can simply switch the two acls

http_access deny normalusers downloads

or alternatively add a dymmy acl last on the line

acl denied_download_message src 0.0.0.0/0

http_access deny downloads normalusers denied_download_message

then use this acl in deny_info to select the proper error message

deny_info ERR_BLOCKED_DOWNLOAD denied_download_message

Regards
Henrik

application/pgp-signature attachment: Detta �r en digitalt signerad meddelandedel

Received on Wed May 09 2007 - 12:21:54 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Jun 01 2007 - 12:00:04 MDT