Robert Franklin wrote:
> (I presume squid denies access if the password bit fails in the first
> rule? And won't proceed on to allow it at the second rule? If not, I
> guess you have to stick a rule in between 1 and 2 called 'http_access
> deny authnet'.)
Yes. Squid regards non-existent or invalid password in a proxy_auth ACL
processing as "not enought information to evaluate", and requests the
user to (re)authenticate themselves. No further ACL processing is done.
---
Henrik Nordstrom
Spare time Squid hacker
