-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2/12/2014 8:28 a.m., fzab_ wrote: > Hi, I want to use Squid locally on my computer to forward all > traffic to a parent Squid proxy which uses BASIC authentication. > The aim is to not store my password on every configuration file > that needs internet access. > > So here's the only lines I added to Squid default conf file : > > /cache_peer x.x.x.x parent 3128 0 no-query default > login=login:password no-digest never_direct allow all/ > > It seems to work for a few minutes, but it doesn't seem to > authenticate again when needed to. The access log shows 407 errors > when it breaks. : > > /297 127.0.0.1 TCP_MISS/407 2071 GET http://...../ > > Am I missing something, when I take a look at the sent requests, > none have an authentication header? All requests from Squid to its cache_peer should have the header: Proxy-Authorization: Basic bG9naW46cGFzc3dvcmQg (bG9naW46cGFzc3dvcmQg being base64 encoded string "login:password"). If you are getting a 407 *from the peer*, that means either it does not want Basic auth or the login:password details are incorrect. Squid supports only Kerberos or Basic auth to peers, not Digest or NTLM. Amos -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJUfyUbAAoJELJo5wb/XPRjhIgH/0EIPR2SJIPZpVGzzs6C1Bj9 EEWJ1w/oIp2fYKm7raB2kLp8xLLSIxc4a6s8od5UD4R9OyiQECqjCWO/sub9lsK4 GqX/anIxct8vDJb82jIe4qjFVi4SLA0YvBavgMV71yH4j7pSZRRdM/EKqdYMeq4F Rrm2Xdfec/LXYP2EYFcPssT7XjjuH2qne2RgPAhtcfnEFnYMjmOHy56lGuiMkjTd ftN0LuoTmIPR8zBzV+DXaaPHmajpLgtr8Onh89pYNULqsOqWgKXeXIm3UQtTu01e O7Ni8fWLV8kDMKYbdCfWxPKb8OUU3INoUzgi0S9LjluoDD3E4wnnzoX/jIzJ1X0= =fx/l -----END PGP SIGNATURE----- _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
