[squid-users] Re: Denying user access based on proxy_auth

From: Joost de Heer <sanguis@dont-contact.us>
Date: Wed, 3 May 2006 13:35:14 +0200 (CEST)

> I have an acl that looks like this:
>
> acl denied_users proxy_auth_regex -i '/etc/squid2/denied_users'
>
> where the denied_users file has a list of users who are not allowed access
> in the form of: john.smith
>
> Now for the first time I have a problem in the way this works. For
> instance, I have a user account of smith. It's a generic account that is
> used to ensure that certain applications run on Windows 2000/XP. I simply
> want to prevent Web access as it's anonymous to some extent. So I add the
> name "smith" to my denied_users file. Now not only is "smith" denied
> access, but also "john.smith".

Put the username as '^smith$' in the config.

IMO it would be easier to use NT group membership (those who may browse
are member of a certain group, and check membership of that group in the
acl).

Joost
Received on Wed May 03 2006 - 05:35:21 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jun 01 2006 - 12:00:01 MDT