I have Squid setup so that it performs NTLM authentication from a
Windows 2003 Active Directory domain controller. It currently works
without issue, allowing only properly authenticated users web browsing
access and denying others.
What I would like to do is block certain accounts from web browsing.
When I implement such a block the users are presented with an
authentication dialog box, and then ultimately receive the proper deny
message in the browser. The problem is that I do not want them to be
prompted for valid credentials; they should be immediately denied
access.
Here is the appropriate areas of my configuration:
acl authenticated_users proxy_auth REQUIRED
acl denied_admin proxy_auth_regex -i "/etc/squid/denied_admin"
acl denied_users proxy_auth_regex -i "/etc/squid/denied_users"
http_access deny denied_users
http_access deny denied_admin
deny_info ERR_ACCESS_DENIED_ADMIN denied_admin
http_access allow authenticated_users
http_access allow localhost
http_access allow local_network
http_access deny all
Any ideas how I can get rid of the authentication dialog box that pops
up and just have the deny message issued immediately?
-- Scott JarkoffReceived on Tue May 23 2006 - 04:29:46 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Jun 01 2006 - 12:00:02 MDT