Re: [squid-users] No password to internal addresses from Henrik Nordstrom on 2008-11-10 (squid-users)

From: Henrik Nordstrom <henrik_at_henriknordstrom.net>
Date: Mon, 10 Nov 2008 12:22:28 +0100

On mån, 2008-11-10 at 09:50 +0100, yagh mur wrote:

> http_access allow to_mynetwork users1
> http_access allow password users1
> http_access allow mynetwork
> http_access deny all

I think the above should be

http_access allow mynetwork to_mynetwork
http_access allow mynetwork users1
http_access deny all

which allows mynetwork anonymous access to the local network withour
requiring login and access to anything else requiring a password.

The password acl is redundant as users1 will also ask for
authentication. Any acl requiring a username will ask for authentication
if not already provided. "proxy_auth REQUIRED" is just a magic acl for
"any authenticated user".

Regards
Henrik

application/pgp-signature attachment: This is a digitally signed message part

Received on Mon Nov 10 2008 - 11:22:36 MST

This archive was generated by hypermail 2.2.0 : Mon Nov 10 2008 - 12:00:03 MST