Chris Robertson wrote:
Amos Jeffries wrote:
Yan Seiner wrote:
I'm trying to set up squid authentication, and I must be missing
something simple. I've tried both pam and ldap; while each works
separately, neither will work with squid. The browser never pops up
the authentication dialog box.
If I use basic or htdigest auth in apache, the browsers properly
display the auth dialog box. But not with squid.
auth_param basic program /usr/lib/squid/pam_auth
acl AUTHENTICATED proxy_auth REQUIRED
acl our_networks src 192.168.128.0/24
acl localhost src 127.0.0.1/32
acl all src 0.0.0.0/0.0.0.0
http_access allow AUTHENTICATED
#http_access allow our_networks
http_access allow localhost
http_access deny all
Any ideas on what I'm doing wrong?
deny !AUTHENTICATED.
On 'allow' squid will either accept (aka allow) or continue looking
for other rules that may apply.
If you deny access to non-authenticated users Squid will challenge for
any missing auth details before continuing to look for a reason to
allow the request.
Normal auth usage is like this:
http_access deny !AUTHENTICATED
http_access allow our_networks
http_access deny all
The wiki is misleading on this.
http://wiki.squid-cache.org/SquidFaq/ProxyAuthentication
Thanks for finding that. Clarified a bit and moved the page to where it
should be.
http://wiki.squid-cache.org/Features/Authentication
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE15
Current Beta Squid 3.1.0.8 or 3.0.STABLE16-RC1
