|
Try putting the nonprotects first. It may work like a PASS directive. ie, if you have: Pass /* /myfiles/* Pass /try/* /tryfiles/* it will never see the second pass. You would need to switch these around to make it work. The only different is the protect directive may not stop after finding a "match" in the config. worth a shot, though. Brad > -----Original Message----- > From: Larry Bolhuis [mailto:lbolhuis@arbsol.com] > Sent: Thursday, January 18, 2001 10:49 AM > To: Midrange Systems Mailing List > Subject: Protection in an HTTP Proxy instance > > > All the distinguished minds hereby present: > > I have set up an instance of the HTTP server as a caching > proxy. I have > successfully configured it to only allow access to the internet for > users with an AS/400 userid and profile with basic authentication and > the "protect http:* SECUREPROXY" directive. (SECUREPROXY > being the name > assigned to the protection setup) So far so good. > > The requirement now is to allow certain specific web sites to NOT > require authentication. I have successfully gotten "protect > http://www.ibm* NOTSECURE" to correctly use this protection setup for > all ibm.com web sites. What I CANNOT do is stop if from > prompting for a > userid and password. What must I do to the protection setup (listed > below) so that it does NOT prompt the user?? > > 00030 Protection NOTSECURE { > 00040 PasswdFile %%SYSTEM%% > 00050 DeleteMask All@(*) > 00060 PostMask All@(*) > 00070 PutMask All@(*) > 00080 GetMask All@(*) > 00090 AuthType Basic > 00100 ServerID NOTSECURE > 00110 UserID QUSER > 00120 } > <snip> > 00220 protect ftp:* SECUREPROXY > 00230 protect http:* > SECUREPROXY > 00240 protect http://www.ibm* NOTSECURE > 00250 proxy ftp:* > 00260 proxy http:* > <snip> > > TIA - Larry > > > -- > Larry Bolhuis > Arbor Solutions, Inc. > (616) 451-2500 > (616) 451-2571 -fax > lbolhuis@arbsol.com > +--- > | This is the Midrange System Mailing List! > | To submit a new message, send your mail to MIDRANGE-L@midrange.com. > | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. > | To unsubscribe from this list send email to > MIDRANGE-L-UNSUB@midrange.com. > | Questions should be directed to the list owner/operator: > david@midrange.com > +--- > +--- | This is the Midrange System Mailing List! | To submit a new message, send your mail to MIDRANGE-L@midrange.com. | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: david@midrange.com +---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.