I meant to send this to the list: Thanks Henrik for your reply... My last deny acl is http_access deny all...Do you mind looking at the following and telling me what I'm doing wrong? Thanks so much
###For Proxy Authentication ### acl InternetUsers proxy_auth REQUIRED # ###FTP allow Access### acl FtpAccess proto FTP acl FTP_Allowed_Users proxy_auth "/etc/squid/FTP_Allowed_Users" ###File extension download prevention### acl DenyDownloadExe url_regex -i "/etc/squid/DenyDownloadExe" acl DenyDownloadMime rep_mime_type "/etc/squid/DenyDownloadMime" acl AllowDownload dstdomain .microsoft.com ###For RetailUsers who have limited access ### acl Retail_Allowed_Users proxy_auth "/etc/squid/Retail_Users" acl Retail_Allowed_Sites dst "/etc/squid/Retail_Sites" http_access allow Retail_Allowed_Users Retail_Allowed_Sites http_access allow FTP_Allowed_Users FtpAccess http_access allow AllowDownload http_access deny DenyDownloadExe deny_info ERR_ACCESS_DENIED_DL_EXE DenyDownloadExe http_access deny Retail_Allowed_Users deny_info ERR_ACCESS_DENIED_RETAIL Retail_Allowed_Users http_access deny FtpAccess http_access allow InternetUsers http_access allow localhost http_access deny all http_reply_access deny DenyDownloadMime deny_info ERR_ACCESS_DENIED_DL_MIME DenyDownloadMime http_reply_access allow all --- Henrik Nordstrom <[EMAIL PROTECTED]> wrote: > On Tue, 3 Feb 2004, Sylvester Manx wrote: > > > I am using smb_auth as the NTLM authenticating > > utility. When I put a user in an acl that, for > > example, denies them access to a site, they must > enter > > their username 3 times before they get the > deny_info > > page. > > They get the page on the first, but the browser only > shows it once the > authentication is cancelled (either by the browser > limit of 3 attempts, or > by pressing cancel). > > > Is there someway to avoid this? To have this > > page come up after the first successful login? > > Don't deny the requests with a proxy_auth acl type. > In most configurations > it is simply a matter of making sure the last acl on > your http_access deny > line is not a proxy_auth acl. Note that this also > affects deny_info as it > too looks at the last acl. > > Regards > Henrik > > __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free web site building tool. Try it! http://webhosting.yahoo.com/ps/sb/
