external_acl_type %LOGIN format problem please help.
Hello every one,
I am trying to change a few authentication policies in our work environment. We are using a squid (2.6.stable12) proxy server to authenticate our users, and grant them internet access. Now i also want to implement a block list policy. I store the block list in a mysql database, and am trying to use a exteral_acl program to check with this list. This is where the problem arise.
external_acl_type myhelper %DST %PATH %LOGIN /usr/bin/php /testauth.php
acl myacl external myhelper
http_access deny myacl
As u can see the above script gets the full url and username. The script is working fine, but the problem is when the user visits a particular blocked site, it keeps prompting the password dialog. Only when he/she cancels, the error that its blocked is displayed. If i remove %LOGIN from above external acl statement, it works fine, but the problem is that it does not meet my requirement :S. Does anyone know how to solve this problem? Or is there any other way that i can get the LOGIN name to the script with out using %LOGIN?
Any help will be appreciated.
Try : http_reply_access deny myacl
|All times are GMT -5. The time now is 11:49 PM.|