[squid-users] Strange ACL behavior

From: Burnes, James <[email protected]>
Date: Wed, 14 Jan 2004 11:08:44 -0700

Hey people:

Maybe this is something I'm overlooking, a common noob error or a typo,
but the following few ACLs and access rules just aren't behaving like I
think they should...

I'm trying to grant unlimited web access to any authenticated user and
limited access to non-authenticated users.

Here are my acls/allows....
.
.
.
acl safedomains dstdomain .mycompany.com
acl authenticated_users proxy_auth

http-access allow safedomains
http-access allow authenticated_users
http-access deny all
.
.
.

When I use this configuration it allows un-authenticated access to
www.mycompany.com, but on any other web page it tries to authenticate
the user. Great so far, but after authenticating the user it denies
them access to the page they requested.

If you pull the 'http-access allow safedomains' out of the squid.conf
file, it allows authenticated users access to whatever they want, but of
course doesn't allow un-authenticated access.

What's up with that?

Any ideas?

jim burnes
security engineer
great-west, denver
 
Received on Wed Jan 14 2004 - 11:08:57 MST

This archive was generated by hypermail pre-2.1.9 : Sun Feb 01 2004 - 12:00:06 MST