> I've got Squid (squid-2.6.STABLE13-1.RHEL4) running on Red Hat EL 4,
> pointing to a Solaris based Stellent CMS instance and it's working, but
> when someone tries to login to the Stellent content contol page, they
> get the following error page in their browser:
>
> _____
> ERROR
> The requested URL could not be retrieved
> While trying to retrieve the URL:
> http://someserver.com:3128/ecmweb/idcplg?IdcService=LOGIN&Action=GetTemp
> latePage&Page=HOME_PAGE&Auth=Internet
> The following error was encountered:
> * Access Denied.
> Access control configuration prevents your request from being
> allowed at this time. Please contact your service provider if you feel
> this is incorrect.
> Your cache administrator is root.
> Generated Thu, 04 Oct 2007 15:51:41 GMT by someserver.com
> (squid/2.6.STABLE13)
>
>
>
> I have very simple ACLs in place until I get everything working, I've
> included the other lines so you can see the Ips in place:
>
> http_port 192.168.120.225:3128 transparent
Use accel or vhost instead of transparent.
transparent means semi-silently intercepting proxy.
accel/vhost means squid pretends to be the origin web-server for some
domain(s) but passes any non-cached requests to the real one.
http://wiki.squid-cache.org/SquidFaq/ReverseProxy?highlight=%28reverse%29
> cache_peer 192.168.210.54 parent 80 0 no-query originserver login=PASS
>
> acl all src 0.0.0.0/0.0.0.0
"acl all src all" is a nicer way of saying that
> http_access allow all
> icp_access allow all
ICP does not come into this at all (you set peer-ICP-port=0) . You may as
well turn it off.
>
> # note, it failed with the following 3 lines in, and out of the config
> #acl METHODLIST method post
> #no_cache deny METHODLIST
These two are the default behaviour under most configs.
FYI: forget no_cache, you can safely drop just the "no_" bit off the front
now and understand what that line does better.
Amos
Received on Thu Oct 04 2007 - 16:25:45 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Nov 01 2007 - 13:00:01 MDT