[squid-users] Allowing links inside websites in whitelist

From: CASALI COMPUTERS - Michele Brodoloni <m.brodoloni_at_casalicomputers.com>
Date: Wed, 10 Feb 2010 09:19:16 +0100

Hello,
i?m using Squid Version 2.6.STABLE21 with squid_ldap_group auth helper for authenticating groups of users.

My problem is that some groups need to access certain sites only, but these sites contain links to other external content outside the whitelist causing squid popping up the annoying login box repeteadly. Is there a way to make squid follow (or deny) those links without annoying the user?
I simply would like that auth is requested just once.. if the user is not allowed, just deny it without requesting authentication again?

Here?s my configuration (squid.conf) snippet:

#################################################################################################
auth_param basic program /usr/lib64/squid/squid_ldap_auth -b "dc=server,dc=local" -f "uid=%s" -h 127.0.0.1
auth_param basic children 10
auth_param basic realm "Server Proxy Server"
auth_param basic credentialsttl 8 hours

external_acl_type ldap_group %LOGIN /usr/lib64/squid/squid_ldap_group -b "ou=Groups,dc=server,dc=local" -f "(&(memberUid=%u)(cn=%g)(objectClass=posixGroup))" -h 127.0.0.1 -d

acl utenti_tutti external ldap_group grp-proxy
acl utenti_tg24  external ldap_group grp-tg24

acl retelocale src 192.0.0.0/255.255.255.0
acl whitelist dstdom_regex "/etc/squid/whitelist"
http_access allow retelocale whitelist

acl autenticati proxy_auth REQUIRED

acl blacklist dstdom_regex "/etc/squid/blacklist"
http_access deny  utenti_tutti blacklist
http_access allow utenti_tutti

acl tg24 url_regex "/etc/squid/whitelist_tg24"
http_access allow utenti_tg24 tg24
http_access deny utenti_tg24
#################################################################################################

Thank you very much
Received on Wed Feb 10 2010 - 08:24:15 MST

This archive was generated by hypermail 2.2.0 : Wed Feb 10 2010 - 12:00:05 MST