I've been trying to model two different kinds of users in ACLs, where the kids are authenticated by one account, and the adults another. The kids are allowed to go only to a whitelist of websites, but I'd like the adults to be able to override this behavior for a while if they enter their credentials. I was also trying to wire this into a db-auth environment so I can alter the accounts from my desktop.
Following the guide at http://wiki.squid-cache.org/Features/Authentication#How_do_I_ask_for_authentication_of_an_already_authenticated_user.3F, I can keep the kids restricted to a site but the parents get stuck in an authentication loop or just denied access. Here's my config - can anyone help me figure this out?
auth_param basic program /usr/lib64/squid/squid_db_auth --user squid --password squidward --plaintext --persist
auth_param basic children 5
auth_param basic realm Web-Proxy
auth_param basic credentialsttl 20 minute
auth_param basic casesensitive off
acl kids_sites dstdomain "/etc/squid/kids_sites.txt"
acl parents proxy_auth sigmondMom
acl db-auth proxy_auth REQUIRED
http_access allow db-auth kids_sites
http_access deny !parents all
http_access allow db-auth
# And finally deny all other access to this proxy
http_access deny all
Received on Thu Sep 08 2011 - 18:28:47 MDT
This archive was generated by hypermail 2.2.0 : Fri Sep 09 2011 - 12:00:02 MDT