This problem is detailed in Bugzilla Bug 585
http://www.squid-cache.org/bugs/show_bug.cgi?id=585
I have been told that the problem is that some requests
don't match an http_access rule and therefore there is
no info available for the cache_peer_access rules. I
don't think that is the case. Primarily because it works
perfectly with Basic (with wb_auth) and second because
NTLM (with wb_ntlmauth) works perfectly if I don't try
to use the cache_peer_access. With cache_peer_access
it works sometimes. I get the html of a page and only
some of the images or, I get nothing at all, or it works
perfectly for a few minutes then gets nutty.
Here is a snipped of the config ( the rest is in the bug report )
http_access deny !password
http_access allow Staff
http_access allow Proxy1
http_access deny all
I would think that the first rule "!password" would prevent
anything from making it pass without authentication and certainly
the "deny all" bit at the end would.
The logs show
2003/03/24 13:56:04| authenticateValidateUser: Validating Auth_user request '0x87087a0'.
and then moments later ( only one client )
2003/03/24 13:56:04| authenticateValidateUser: Validating Auth_user request '0x0'.
2003/03/24 13:56:04| authenticateValidateUser: Auth_user_request was NULL!
I think this is a bug and not a config problem. I have tried re-arranging
in all sorts of ways. Regardless Basic with wb_auth works and NTLM with
wb_ntlmauth only does unreliably. Squid seems to be loosing the auth
info somehow before it checks the cache_peer_access rule.
I'd be quite happy to be wrong :)
Thanks in advance.
Received on Thu Apr 24 2003 - 10:38:17 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:15:25 MST