Chris Robertson wrote:
> Amos Jeffries wrote:
>> Yan Seiner wrote:
>>> I'm trying to set up squid authentication, and I must be missing
>>> something simple. I've tried both pam and ldap; while each works
>>> separately, neither will work with squid. The browser never pops up
>>> the authentication dialog box.
>>>
>>> If I use basic or htdigest auth in apache, the browsers properly
>>> display the auth dialog box. But not with squid.
>>>
>>> auth_param basic program /usr/lib/squid/pam_auth
>>>
>>> acl AUTHENTICATED proxy_auth REQUIRED
>>> acl our_networks src 192.168.128.0/24
>>> acl localhost src 127.0.0.1/32
>>> acl all src 0.0.0.0/0.0.0.0
>>>
>>> http_access allow AUTHENTICATED
>>> #http_access allow our_networks
>>> http_access allow localhost
>>> http_access deny all
>>>
>>> Any ideas on what I'm doing wrong?
>>
>> deny !AUTHENTICATED.
>>
>> On 'allow' squid will either accept (aka allow) or continue looking
>> for other rules that may apply.
>>
>> If you deny access to non-authenticated users Squid will challenge for
>> any missing auth details before continuing to look for a reason to
>> allow the request.
>>
>> Normal auth usage is like this:
>>
>> http_access deny !AUTHENTICATED
>> http_access allow our_networks
>> http_access deny all
>
> The wiki is misleading on this.
> http://wiki.squid-cache.org/SquidFaq/ProxyAuthentication
>
Thanks for finding that. Clarified a bit and moved the page to where it
should be.
http://wiki.squid-cache.org/Features/Authentication
Amos
-- Please be using Current Stable Squid 2.7.STABLE6 or 3.0.STABLE15 Current Beta Squid 3.1.0.8 or 3.0.STABLE16-RC1Received on Fri Jun 12 2009 - 03:03:27 MDT
This archive was generated by hypermail 2.2.0 : Sat Jun 13 2009 - 12:00:02 MDT