First, in my configuration I like to remove the default comments. It makes things easier to read. I keep a back up file with full comments.
Second, there seem to be a number of things wrong with your configuration file.
1. You don't need AuthorizedUsers, you have ncsa_users and that is sufficient. AuthorizedUsers is a string that I use myself, but you don't have to use it.
2. You have http_access deny all in there twice. That shouldn't be.
http_access deny all (remove this)
http_access allow ncsa_users !users !servers !porn !HR !operation
http_access allow AuthorizedUsers (remove this)
3. http_reply_access allow all should follow http_access deny all, not come before it. It might not matter, but that is how I use it.
The ACLs you've defined seem convoluted to me. Perhaps you should run a second squid proxy instance on a different port, and then test that by removing (commenting) out most of those ACL definitions. You should start out with something simple until you figure out what is causing your problem, then go back and add the various ACL settings. Your layout just seems really odd. You should make sure your denys are coming before your allows. You have a number of allows preceding, and these could be trumping what you have lower. Remember, it is first match. For example,
What is "usersComputers"? If that includes desktops, then what you have here is going to allow people out unless the target site falls under "usersBlockedsites". This will occur no matter your authentication following. Perhaps you should remove these 3 lines completely, if you are requiring authentication from any "usersComputers".
acl users src "/etc/squid/usersComputers"
acl usersBlockedsites url_regex -i "/etc/squid/usersSites"
http_access allow users !usersBlockedsites
Further, you might consider using either dansguardian, squidguard, or ufdbguard instead of text files for your filtering. Dansguardian may not play well with authentication because of where it is situated with squid. I personally use ufdbguard and it works well. With an effective filtering solution in place, you may not even need authentication.