On 6/19/06, Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> wrote:
mån 2006-06-19 klockan 15:21 -0400 skrev Sketch: > Is it really that complicated to get basic HTTP Authentication setup in squid? Not at all. You need a) A password database of some kind b) The proper helper to connect to that password database (ncsa_auth if using Apache htpasswd files) c) About 3 lines in squid.conf making use of the authentication, one auth_param line to specify the helper and password database, and one acl defining what users are valid, and one http_access rule limiting access to authenticated users only..
Basically I have a .htaccess and .htpasswd, I don't want to be adding user manually to the squid configuration everytime a user is added. Also, the protected directories are dynamic, so I cannot define them within the squid conf, it's solely dependent on the .htaccess files...
> Can I just have the Authorization header passed directly to the origin server? Normally done by default.
So is it safe to assume that as long as the Authorization string is passed by using login=PASS on the cache_peer entry, authentication should work without the external helper (ncsa_auth)?
Is this a reverse-proxy setup using cache_peer for request forwarding (I assume so as you mention the rproxy patch)? If so see the login= parameter to cache_peer.
Yes, reverse with cache_peers.
