Thank you very much, Amos, I have checked that both variables %un and %ul are set in squid during failed BASIC-authentications. But I do not know how to use them in ACL. I need an ACL that triggers if %un is set (to log such transactions).
пн, 20 февр. 2023 г. в 12:14, Amos Jeffries <squ...@treenet.co.nz>: > On 20/02/2023 7:24 pm, Andrey K wrote: > > Hello Amos, > > > > Thank you for your recommendations. > > I modified negotiate_wrapper_auth to parse NTLM tokens and to set the > > user attribute in AV-pairs, > > so now I can configure the desired logging using acl note-type. > > > > But I also have BASIC authentication type users. > > Usernames of those users are known to the squid even if they type > > wrong passwords, but the user-attribute is not set in the note-list > > in such transactions. > > Should I write a new wrapper script for the BASIC-authentication to > > set the user-attribute, or I can check if the username is known > > without using wrapper? > > > > The username of Basic auth should be known and available with %un or %ul > whenever the client provides one. > If not, then yes you will have to add a wrapper there too to send user= > on ERR responses. > > HTH > Amos > > _______________________________________________ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users >
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
