Squid only knows that the user matched you http_access rules, not that one of the acls used happens to be a user group.
The mechanism used in Squid for group membership verifications is a generic acl lookup mechanism via external helpers, not at all restricted to group memberships. A example of another use included in the Squid distribution is an acl which restricts each user to only his IP address by having a text file listing usernames and their allowed IP address, but it can also be used for implementing Cookie based authentication in http accelerators and many other things which probably no-one has thought of yet. Kind of a swiss army knife in Squid access controls.. Regards Henrik tor 2003-03-06 klockan 11.20 skrev Jay Turner: > Not even via wb_group somehow? > > -----Original Message----- > From: Henrik Nordstrom [mailto:[EMAIL PROTECTED] > Sent: Thursday, 6 March 2003 3:38 PM > To: [EMAIL PROTECTED]; Phil Crooker > Cc: [EMAIL PROTECTED] > Subject: Re: SquidGuard & NT Groups > > > On Thursday 06 March 2003 01.42, Jay Turner wrote: > > > Is there no way squid could be modified to pass group information > > through to the redirector? > > Not easily. Squid does not actually know the group. > > What could work is to have Squid tag the request if it matches a > certain http_access rule, and have this tag sent to redirectors. > > Regards > Henrik > -- Henrik Nordstrom <[EMAIL PROTECTED]> MARA Systems AB, Sweden
