Re: [squid-users] NTLM Group Pop up screen

From: Jerry Murdock <[email protected]>
Date: Wed, 9 Oct 2002 17:12:26 -0400

What are your current http_access entries?

Generally, if your proxy_auth acl is part of the denying http_access line,
the login will be offered again. ie:

This will go directly to an access denied page:
http_access deny !My_InternetGroup_ACL
http_access allow My_Proxy_Auth_ACL

This will cause a login prompt:
http_access deny !My_InternetGroup_ACL My_Proxy_Auth_ACL
http_access allow My_Proxy_Auth_ACL

Jerry

----- Original Message -----
From: "Edward Mann" <edward@arctechnology.com>
To: "Guido Serassio" <serassio@libero.it>
Cc: <squid-users@squid-cache.org>
Sent: Wednesday, October 09, 2002 4:38 PM
Subject: Re: [squid-users] NTLM Group Pop up screen

> Hey,
>
> After reading my original message i realized that i had not made myself
> clear. So here is my second run at it.
>
>
> I have a group on our Domain called internet. If you are in this group
> then you are able to surf the web.(cool!) If you are not you get an
> Access denied page.(not Cool!) What I would like is before you are given
> that page, you are prompted to supply a username and password. Once you
> fail that then you get the Access denied screen.
>
> Thanks.
>
>
>
> On Wed, 2002-10-09 at 15:28, Guido Serassio wrote:
> > Hi,
> >
> > At 22.19 09/10/2002, Edward Mann wrote:
> > >I have been successful in getting NTLM and Group auth to work. I am
> > >going to write a HOW-TO if anyone is interested. Please let me know
> > >
> > >Now my question.
> > >
> > >Since i have it working, when a user goes to the web, they are given
the
> > >Access denied screen. This is cool, but i would like to know if when
the
> > >user is not found in the group that the dialog box for username
password
> > >is returned to them. I have tested this with a ISA box that some of the
> > >people that i work with would like to move the company over to. Is this
> > >possible? Does the code need to be modified to do this or am i missing
> > >an option?
> >
> > I think that You are using External ACL for group membership check, if
this
> > is true, take a look on the deny_info squid.conf directive.
> >
> > Regards
> >
> > Guido
> >
> >
> >
> > -
> > =======================================================
> > Serassio Guido
> > Via Albenga, 11/4 10134 - Torino -
ITALY
> > E-mail: guido.serassio@serassio.it
> > WWW: http://www.serassio.it
>
Received on Wed Oct 09 2002 - 15:12:56 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:38 MST