Hey people:

Maybe this is something I'm overlooking, a common noob error or a typo,
but the following few ACLs and access rules just aren't behaving like I
think they should...

I'm trying to grant unlimited web access to any authenticated user and
limited access to non-authenticated users.

Here are my acls/allows....
..
..
..
acl safedomains dstdomain .mycompany.com
acl authenticated_users proxy_auth

http-access allow safedomains
http-access allow authenticated_users
http-access deny all
..
..
..

When I use this configuration it allows un-authenticated access to
www.mycompany.com, but on any other web page it tries to authenticate
the user. Great so far, but after authenticating the user it denies
them access to the page they requested.

If you pull the 'http-access allow safedomains' out of the squid.conf
file, it allows authenticated users access to whatever they want, but of
course doesn't allow un-authenticated access.

What's up with that?

Any ideas?


jim burnes
security engineer
great-west, denver
=20