Enabling basic authentication in Squid

Found this in my gmail archive and thought it would be easier to have it on my blog. I had replied with this to someone on the lug.lk mailing list. Actually noticed an error on my reply as well, which is corrected on the below. -2007-08-01 Squid supports lot of authentication methods. I'll put the basic method that uses ncsa_auth program. You need to make the following changes to your squid.conf. Please be advised that the below, gives only a very basic proxy setup with authentication. If you want something complex, you might want to the squid documentation. **Backup your existing squid.conf Put/uncomment following lines to your squid.conf auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd ncsa_auth program is installed along squid in redhat flavours, under /usr/lib/squid/ . "/etc/squid/passwd" is the name of the file where all the passwords will be kept. You can change this to point to wherever you want in the file system. auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours auth_param basic casesensitive off First line below is an ACL named "authenticated_user" Second line defines the networks in the LAN. This should be changed according to your setup. ( i just copied over from def: squid.configuration :-) ) The third allows http access through the proxy for Authenticated connections coming from the specified networks. acl authenticated_user proxy_auth REQUIRED acl our_networks src http_access allow our_networks authenticated_user Once you have made the above changes to the squid.conf you have to create the username/passwords in the specified file. ( /etc/squid/squid_passwd in this ) For that, do, htpasswd -c /etc/squid/squid_passwd username password After adding the 1st user in the above way, to add more new users, use the below method. htpasswd /etc/squid/squid_passwd username password You can find out various parameters you can use with htpasswd from the man page. When everything is done, simply restart the squid service.. If you want squid to connect to a separate service for authentication, refer to the squid documentation, there are quite a few methods that are currently supported.


umm.. I am new to linux/squid/ and using dansguardian for blocking and reporting..

I wanted to setup an auth method for the dans guardian to prompt for access and grant if the ldap (AKA AD in windows is authenicated against)

can you help with that?
sorry for the very delayed reply.. Since DansGuardian and Squid are normally integrated using cache_peer, you should be able to do the necessary authentications at the Squid level, when a client makes a request.
However im not sure if DansGuardian alone is capable of such things.
Anonymous said…
buy cialis online cialis online buy - buy cheap brand cialis

Popular Posts