On Mon, Aug 11, 2014 at 7:59 PM, Sarah Baker <sbaker@xxxxxxxxxxxxxx> wrote:
> Background:
> Squid: squid-3.1.23-2.el6.x86_64
> OS: CentOS 6.5 - Linux 2.6.32-431.23.3.el6.x86_64 #1 SMP Thu Jul 31 17:20:5=
> 1 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
>
> Issue:
> I have two boxes, same OS, same squid binary, same config file, same squid-= passwd file.
> Configuration is setup for ncsa_auth. Squid runs as user squid.
>
> Both systems return OK to use of command line of ncsa_auth as squid user to= the login and password in the squid-passwd file.
>
> Using squid however via a curl thru one of the proxy ips/port of the system=
> : one system gives 403 forbidden, the other works just fine.
> Tried removing authentication entirely, a fully open squid. It fails - same message.
403 forbidden means that the authenticator doesn't even get to kick
in; it's a final deny.
Are you really sure that the 403 is generated by Squid, and not by the
origin server? you can tell by looking at the error page.
> Also looked at thusfar:
> rpm -q query_options --requires squid-3.1.23-2.el6.x86_64
> the same on both boxes.
> Ran yum update on both to insure everything was up to latest - no change.
The issue is either not in squid or it's related to the http_access
configuration.
Would you mind sharing an excerpt of your squid.conf with including that part?
> Any ideas what I should look far?
--
Francesco
