Yan Seiner wrote:
> I'm trying to set up squid authentication, and I must be missing
> something simple. I've tried both pam and ldap; while each works
> separately, neither will work with squid. The browser never pops up the
> authentication dialog box.
>
> If I use basic or htdigest auth in apache, the browsers properly display
> the auth dialog box. But not with squid.
>
> auth_param basic program /usr/lib/squid/pam_auth
>
> acl AUTHENTICATED proxy_auth REQUIRED
> acl our_networks src 192.168.128.0/24
> acl localhost src 127.0.0.1/32
> acl all src 0.0.0.0/0.0.0.0
>
> http_access allow AUTHENTICATED
> #http_access allow our_networks
> http_access allow localhost
> http_access deny all
>
> Any ideas on what I'm doing wrong?
deny !AUTHENTICATED.
On 'allow' squid will either accept (aka allow) or continue looking for
other rules that may apply.
If you deny access to non-authenticated users Squid will challenge for
any missing auth details before continuing to look for a reason to allow
the request.
Normal auth usage is like this:
http_access deny !AUTHENTICATED
http_access allow our_networks
http_access deny all
(allow only local networks, if they are authenticated first)
Amos
-- Please be using Current Stable Squid 2.7.STABLE6 or 3.0.STABLE15 Current Beta Squid 3.1.0.8 or 3.0.STABLE16-RC1Received on Thu Jun 11 2009 - 13:57:37 MDT
This archive was generated by hypermail 2.2.0 : Fri Jun 12 2009 - 12:00:03 MDT