[SQU] SMB Authentication

From: Simon Bryan <sbryan@dont-contact.us>
Date: Mon, 22 Jan 2001 12:17:13 +1100

HI,
I have set up SMB Authentication on a test box and it works fine except for
one niggle.

I have the following:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl CONNECT method CONNECT
acl domainusers proxy_auth REQUIRED

#Default configuration:
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
http_access allow domainusers
#http_access deny !domainusers

http_access deny all

Which works fine, but in my real box I really need to use the commented out
line http_access deny !domainusers as I have a number of other acls that
need to be processed as well. My understanding says that once the 'allow
domainusers' is matched then the other (blocking ones) won't be procesed. I
can probably reorganise them in some way ie move the deny ones up but then
the usernames would not be logged in the request (would they?). I would
like to simply replace the authentication method.

Is there any reason that using deny !domainusers does not work with smb
authentication? It just repeatedly brings up the login box and then
eventually gives a no access message.

Any help appreciated,

Simon Bryan
____________________________________
IT Manager
OLMC Parramatta
http://www.olmc.nsw.edu.au
____________________________________

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Sun Jan 21 2001 - 18:19:39 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:57:30 MST