• Subject: RE: Protection in an HTTP Proxy instance
  • From: "Stone, Brad V (TC)" <bvstone@xxxxxxxxxxxxxx>
  • Date: Fri, 19 Jan 2001 09:37:02 -0600

Try putting the nonprotects first.  It may work like a PASS directive.

ie,
if you have:

Pass /* /myfiles/*
Pass /try/* /tryfiles/*

it will never see the second pass.   You would need to switch these around
to make it work.

The only different is the protect directive may not stop after finding a
"match" in the config. worth a shot, though.

Brad

> -----Original Message-----
> From: Larry Bolhuis [mailto:lbolhuis@arbsol.com]
> Sent: Thursday, January 18, 2001 10:49 AM
> To: Midrange Systems Mailing List
> Subject: Protection in an HTTP Proxy instance
> 
> 
> All the distinguished minds hereby present:
> 
>  I have set up an instance of the HTTP server as a caching 
> proxy. I have
> successfully configured it to only allow access to the internet for
> users with an AS/400 userid and profile with basic authentication and
> the "protect http:* SECUREPROXY" directive. (SECUREPROXY 
> being the name
> assigned to the protection setup)  So far so good.
> 
>  The requirement now is to allow certain specific web sites to NOT
> require authentication. I have successfully gotten "protect
> http://www.ibm* NOTSECURE" to correctly use this protection setup for
> all ibm.com web sites. What I CANNOT do is stop if from 
> prompting for a
> userid and password. What must I do to the protection setup (listed
> below) so that it does NOT prompt the user??
> 
> 00030     Protection NOTSECURE {                  
> 00040         PasswdFile %%SYSTEM%%               
> 00050         DeleteMask All@(*)                  
> 00060         PostMask All@(*)                    
> 00070         PutMask All@(*)                     
> 00080         GetMask All@(*)                     
> 00090         AuthType Basic                      
> 00100         ServerID NOTSECURE                  
> 00110         UserID QUSER                                 
> 00120     }   
> <snip>
> 00220   protect ftp:* SECUREPROXY
> 00230   protect http:*
> SECUREPROXY                                                 
> 00240   protect http://www.ibm* NOTSECURE
> 00250   proxy ftp:*
> 00260   proxy http:*
> <snip>
> 
>   TIA - Larry
>   
> 
> -- 
> Larry Bolhuis
> Arbor Solutions, Inc.
> (616) 451-2500
> (616) 451-2571 -fax
> lbolhuis@arbsol.com
> +---
> | This is the Midrange System Mailing List!
> | To submit a new message, send your mail to MIDRANGE-L@midrange.com.
> | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
> | To unsubscribe from this list send email to 
> MIDRANGE-L-UNSUB@midrange.com.
> | Questions should be directed to the list owner/operator: 
> david@midrange.com
> +---
> 
+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].