> Date: Fri, 9 Sep 2011 12:50:24 +1200 > From: [email protected] > To: [email protected] > Subject: Re: [squid-users] Authentication Prompts > > On 09/09/11 06:28, Matt Cochran wrote: > > I've been trying to model two different kinds of users in ACLs, where the > > kids are authenticated by one account, and the adults another. The kids are > > allowed to go only to a whitelist of websites, but I'd like the adults to > > be able to override this behavior for a while if they enter their > > credentials. I was also trying to wire this into a db-auth environment so I > > can alter the accounts from my desktop. > > > > Following the guide at > > http://wiki.squid-cache.org/Features/Authentication#How_do_I_ask_for_authentication_of_an_already_authenticated_user.3F, > > I can keep the kids restricted to a site but the parents get stuck in an > > authentication loop or just denied access. Here's my config - can anyone > > help me figure this out? > > > > > Notice that would allow the kids to get a popup and re-try with parents > login to restricted sites without the parent being present. > > > What you are asking for is this: > > # login required to go anywhere at all > http_access deny !db-auth > > # kids to their sites > http_access allow !parents kids_sites > > # parents anywhere > http_access allow parents > > # challenge if not logged in with parents credentials > http_access deny !parents > > # everything else is blocked. > http_access deny all Can't we simplify this to: http_access deny !db-auth http_access allow kids_sites http_access deny all !parents
Jenny
