squid acl policy using username

You need to define and use ACLs of type proxy_auth; as per the page you linked:

Acl Type: proxy_auth

Description User authentication via external processes. proxy_auth requires an EXTERNAL authentication program to check username/password combinations (see authenticate_program ).

Usage acl aclname proxy_auth username...

use REQUIRED instead of username to accept any valid username

Example acl ACLAUTH proxy_auth usha venkatesh balu deepa

This acl is for authenticating users usha, venkatesh, balu and deepa by external programs.

This way, Squid will authenticate the users using any authentication method you choose (you said this is already in place, so you should have no problem here), and then you will be able to filter access based on usernames.

Sample configuration:

acl Good_Users user1 user2 user3
http_access allow Good_Users
http_access deny all

This will only allow user1, user2 and user3 to access the web.

You need to be aware that its relatively easy to supply false credentials via ident (unless the clients are well locked down). It also requires software to be installed on client machines. I've previously used this with a mixture of clients on a corporate LAN and it worked for me - but I set that system up a long time before Microsoft started messing with LDAP.

AFAIK, while you can also use NTLM, outside Microsoft land its only as secure as ident.

The active directory method (assuming you are doing something like this rather than NTLM) should be more secure. But if you are, then WTF has the IP address got to do with it? Sounds like you've a very broken solution relying on IP address (mis)authentication. (IP addresses can be faked very easily).

is it work for my testcase?

I have no idea what your test case is.