I have squid configured with NTLM auth and in the squid logs with squid in debug mode in cache.log squid first reports DENIED access to a site because they are a member of AuthorizedUsers and then it says it is ALLOWED because they are a member or AuthorizedUsers group so my question is why does Squid first deny it and then after it says ALLOWED.
This is seamless to the user they do not see it being DENIED and then ALLOWED but it seems squid is doing twice the work. Below from cache.log 2004/04/16 09:13:50| The request GET http://somesite.edu/ is DENIED, because it matc hed 'AuthorizedUsers' 2004/04/16 09:13:50| The request GET http://somesite.edu/ is ALLOWED, because it mat ched 'AuthorizedUsers' Jim
