We use both Squid 2.5 and 2.6 as reverse proxies for our production web site. 2.5 seem to pass basic authentication without an issue. We can not get this to work in 2.6. Looking at the release notes it is not clear to me what if anything would need to be changed in the config file to allow this to work with 2.6. Here is my config file: http_port 80 defaultsite=10.10.1.145 https_port 443 cert=/etc/squid/8-22-08.pem key=/etc/squid/8-22-08key.pem options=NO_SSLv2 cipher=DEFAULT:!EXPORT:!LOW defaultsite=10.10.1.145 acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY acl JS url_regex .js$ no_cache deny JS acl CSS url_regex .css$ no_cache deny CSS acl ASMX url_regex .asmx no_cache deny ASMX auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours #Suggested default: refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 refresh_pattern -i \.jpg$ 0 100% 10080 refresh_pattern -i \.gif$ 0 100% 10080 refresh_pattern -i \.png$ 0 100% 10080 refresh_pattern -i \.bmp$ 0 100% 10080 #Recommended minimum configuration: acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl CONNECT method CONNECT acl port80 myport 80 acl port443 port 443 acl port563 port 563 acl TheOriginServer dst 10.10.1.145 #Recommended minimum configuration: # Only allow cachemgr access from localhost http_access allow manager localhost http_access deny manager http_access allow port563 http_access allow port443 http_access allow port80 http_access allow TheOriginServer http_access deny all http_reply_access allow all icp_access allow all cache_peer 10.10.1.145 parent 80 0 no-query originserver deny_info https://www.example.com/ port80 coredump_dir /var/spool/squid visible_hostname https://www.example.com/ logfile_rotate 9 negative_ttl 0 minutes
