On Fri, 7 Nov 2003, Matthew Richards wrote: > Can anyone please tell me if it is possible to have a user challenged to > authenticate by squid but > have an application on the same computer access the Internet without being > challenged?
Yes. If your application sends a identifiable User-Agent then this can be used to allow any application identifying itself as this User-Agent access without authentication by using the browser acl type. Please note however that this can be abused by your users to bypass the authentication by reconfiguring their browser to identify itself as this User-Agent.. there is no means whereby the proxy can securely verify that the indicated User-Agent string is really your application and not something else claiming to be your application. But assuming your application only visits a handful of sites you can set up access controls to only allow this User-Agent to bypass authentication for these sites, or even all access to these sites if the User-Agent is not identifiable. Regards Henrik
