[squid-users] Authentication issue

From: Scott Jarkoff <[email protected]>
Date: Tue, 23 May 2006 19:29:45 +0900

I have Squid setup so that it performs NTLM authentication from a
Windows 2003 Active Directory domain controller. It currently works
without issue, allowing only properly authenticated users web browsing
access and denying others.

What I would like to do is block certain accounts from web browsing.
When I implement such a block the users are presented with an
authentication dialog box, and then ultimately receive the proper deny
message in the browser. The problem is that I do not want them to be
prompted for valid credentials; they should be immediately denied
access.

Here is the appropriate areas of my configuration:

acl authenticated_users proxy_auth REQUIRED
acl denied_admin proxy_auth_regex -i "/etc/squid/denied_admin"
acl denied_users proxy_auth_regex -i "/etc/squid/denied_users"

http_access deny denied_users
http_access deny denied_admin
deny_info ERR_ACCESS_DENIED_ADMIN denied_admin

http_access allow authenticated_users
http_access allow localhost
http_access allow local_network
http_access deny all

Any ideas how I can get rid of the authentication dialog box that pops
up and just have the deny message issued immediately?

-- 
Scott Jarkoff
Received on Tue May 23 2006 - 04:29:46 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jun 01 2006 - 12:00:02 MDT