Ok, so I`ll do my very best....
1. We have added the auth_mod to squid so that user CAN auth. by name and password
2. We also have a whitelist with http adresses which are free for access for anybody WITHOUT auth. needed
3. If a user wants to access a site which is not listed in the whitelist he MUST auth to squid and than he can access ANY site on the internet.
So it looks like in the squid.conf
Quote:
#AUTH
auth_param basic program /usr/local/squid/libexec/ncsa_auth /usr/local/squid/user
auth_param basic children 5
auth_param basic realm XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
auth_param basic credentialsttl 2 hours
acl POWERUSER proxy_auth "/usr/local/squid/user"
acl POWERUSER proxy_auth REQUIRED
acl whitelist url_regex "/usr/local/squid/whitelist"
acl blacklist url_regex "/usr/local/squid/blacklist"
http_access allow whitelist
http_access allow POWERUSER
http_access deny blacklist
|
So my problem is that if there is a site a.html which is in the whitelist but this site includes a link in a frame to the site b.html, you get the login window.
If this would only be once it would not be a big thing, but some site have 5-10 links and thats really not so nice.