On 14/04/2015 11:26 a.m., Balázs Szabados wrote: > Hi, > > I'd like to ask your help regarding configuring authentication with Squid. > > My auth related conf: > > auth_param digest program /usr/lib/squid/digest_pw_auth -c /etc/squid/passwd Possile Problem #1: digest_pw_auth has not existed in some years. The helpers correct current name is digest_file_auth. Please upgrade. > auth_param digest children 5 > auth_param digest realm squid > auth_param digest nonce_garbage_interval 5 minutes > auth_param digest nonce_max_duration 30 minutes > auth_param digest nonce_max_count 50 > acl password proxy_auth REQUIRED > http_access allow password Possible Problem #2: when wrong credentials are presented the "http_access allow password" will NOT require new ones. It will just skip to the next line - which is an implicit "deny all" Use this instead: http_access deny !password http_access allow localnet Possible Problem #3: the client you are testing with may not support Digest authentication. In the current Squid releases use "debug_options 11,2" in squid.conf to get a cache.log trace of the HTTP headers the client is sending. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
