[squid-users] Squid ACL, SSL-BUMP and authentication questions
Amos Jeffries
squid3 at treenet.co.nz
Fri Nov 7 08:28:33 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 7/11/2014 8:35 p.m., squid-list wrote:
> Hi, * **"Access to google maps(https://www.google.com/maps) should
> prevent any authentication need"*
>
> I could understand that all users should be able to access the
> google maps link without any authentication. For this you could add
> the site acl before the authentication part in the squid conf. So
> that users will not prompt for the authentication when the user try
> to access the google map site. But when they try to access any
> other site authentication will be prompted.
This cannot be done.
You can authenticate the user setting up a CONNECT tunnel, OR you can
bypass authentication for them.
That authentication choice applies equally all requests sent over the
tunnel. Whether they are for maps or for any other Google service. And
it must be made *before* the tunnel is setup. Thus *before* the URL
inside the tunnel becomes known.
Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUXIKwAAoJELJo5wb/XPRjMoMH/2yCMjxisbxWBAYnp+96908O
W46taJk7kqwUbtv76aOsSEcPpc3cBl4E+nFv7cQofRqgobcR2wTsJtgRupjuIgSb
SYPQKqJolbs/7wF5nhxbggewSfRU7B21aULKStkXV7BUWNlUIaV1vUsv+J1JV8OP
U/HkcVeXny1khCjF9nEKeXNUpOioUQ0LpPboAOrLnfZZfY098NkGubJF04/stUCQ
QXIErZ8cwX7yJ1x+yIwlVw4KVbtGaBJ8dd8PH4q3DknzAVxfJ0LZgYJC3nKTQMZ3
vUTMV33Rf94Y9x/yNrs6AVWcR3rLl08GkpFv3owqItkHa1hi7yFCuEg5e3bOFFA=
=AMi0
-----END PGP SIGNATURE-----
More information about the squid-users
mailing list