Re: [squid-users] Authentication bug with external ACLs in 2.5 STABLE 12?

From: Serassio Guido <[email protected]>
Date: Mon, 19 Dec 2005 23:42:23 +0100

Hi,

At 14.01 19/12/2005, Christoph Haas wrote:

>Evening...
>
>we have just spent two days hunting down a phenomenon regarding external
>ACLs. I suspect a bug so I'll be a bit more verbose.
cut

>I'd like to hear comments. Perhaps the developers have an idea what may
>have changed between stable 9 and stable 12 that could cause this. Thanks
>in advance.

This is the expected behaviour. The change was introduced with the
following patch:
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-extaclauth
and this is the related bug:
http://www.squid-cache.org/bugs/show_bug.cgi?id=1278

See this squid-user message and the related thread:
http://www.squid-cache.org/mail-archive/squid-users/200511/0339.html

You need some simple logical changes in your ACLs, the following
should work, I hope ... :-)

acl our_networks src put_your_local_network_here

http_access deny !ldap-auth
http_access deny !ldapgroup-allowed our_networks
http_access allow all

Regards

Guido

-
========================================================
Guido Serassio
Acme Consulting S.r.l. - Microsoft Certified Partner
Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY
Tel. : +39.011.9530135 Fax. : +39.011.9781115
Email: guido.serassio@acmeconsulting.it
WWW: http://www.acmeconsulting.it/
Received on Mon Dec 19 2005 - 15:42:25 MST

This archive was generated by hypermail pre-2.1.9 : Sat Dec 31 2005 - 12:00:02 MST