[squid-users] Allow un-authenticated users to pass through

From: Francis Vidal <francisv.list_at_gmail.com>
Date: Sun, 29 Aug 2010 20:43:29 +0800

Hi all,

Here's a relevant portion of my squid configuration (squid/3.0STABLE18):

--- SQUID CONFIGURATION START ---

auth_param negotiate program /opt/squid-3.0/sbin/squid_kerb_auth -d -s HTTP/
proxy.mydomain.com
auth_param negotiate children 50
auth_param negotiate keep_alive on

external_acl_type SQUID_ALLUSERS ttl=3600 negative_ttl=3600 %LOGIN
/opt/squid-3.0/sbin/squid_kerb_ldap -g users

acl TEST_URLS url_regex -i "/opt/squid-3.0/etc/blocked.txt"
acl ALL_DOMAIN_USERS external SQUID_ALLUSERS

http_access allow ALL_DOMAIN_USERS TEST_URLS
http_access deny TEST_URLS
http_access allow all

--- SQUID CONFIGURATION END ---

When the user has authenticated with Active Directory (2008), the
http_access rules work as expected but when an un-authenticated user
uses the proxy, it denies access on the line "http_access allow
ALL_DOMAIN_USERS TEST_URLS" and throws a message "Sorry, you are not
currently allowed to request <URL> from this cache until you have
authenticated yourself."

How do I make un-authenticated users go through until the line
"http_access allow all"?
Received on Sun Aug 29 2010 - 12:43:35 MDT

This archive was generated by hypermail 2.2.0 : Sun Aug 29 2010 - 12:00:07 MDT