Proxy auth exception

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Proxy auth exception

Jason Loel
Hi,

I use Squid 4.6 with Debian 10 (Buster).

I use Kerberos Authentication and it works :

   auth_param negotiate program /usr/lib/squid/negotiate_kerberos_auth -s
HTTP/[hidden email]
   auth_param negotiate children 10
   auth_param negotiate keep_alive on
   acl lan proxy_auth REQUIRED
   icap_send_client_username on
   http_access allow lan

I have a local web server named "hotline", itself uses also kerberos
auth (Apache).

If i don't use the proxy, i can browse http://hotline
If i use the proxy, i can't browse the page, i get "this site can't be
reached"
If i remove this 6 lines in squid.conf, the website is available.

How can i add an exception for "http://hotline" to not use the acl lan ?

Merci !

Jasaon L.
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Proxy auth exception

Jason Loel
Got it !
Just add the following line before :

acl vip dst 192.168.1.10
http_access allow vip

Sorry for the noise.

Le 2020-09-15 11:08, Jason Loel a écrit :

> Hi,
>
> I use Squid 4.6 with Debian 10 (Buster).
>
> I use Kerberos Authentication and it works :
>
>   auth_param negotiate program /usr/lib/squid/negotiate_kerberos_auth
> -s HTTP/[hidden email]
>   auth_param negotiate children 10
>   auth_param negotiate keep_alive on
>   acl lan proxy_auth REQUIRED
>   icap_send_client_username on
>   http_access allow lan
>
> I have a local web server named "hotline", itself uses also kerberos
> auth (Apache).
>
> If i don't use the proxy, i can browse http://hotline
> If i use the proxy, i can't browse the page, i get "this site can't be
> reached"
> If i remove this 6 lines in squid.conf, the website is available.
>
> How can i add an exception for "http://hotline" to not use the acl lan
> ?
>
> Merci !
>
> Jasaon L.
> _______________________________________________
> squid-users mailing list
> [hidden email]
> http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users