Re: [SQU] Authentication Stress - Part 2

The htpasswd password file format is different from the standard Unix password
file (/etc/passwd). You should use a different file for that. Perhaps
/usr/local/squid/etc/.htaccess or /usr/local/squid/etc/.htpasswd
Anyway try this:
1.) At the source directory, type:
./configure ; cd auth_modules/NCSA ; make ; make install

2.) Place in squid.conf :
authenticate_program /usr/local/squid/bin/ncsa_auth
/usr/local/squid/etc/.htpasswd
acl auth_users proxy_auth REQUIRED
http_access allow auth_users

* auth_users = password or anything you may wish to call it.

3.) Make squid read new changes to squid.conf:
    squid -k reconfigure

4.) Place this at the end /usr/local/apache/conf/httpd.conf or
/etc/httpd/conf/httpd.conf (I am assuming you are using an apache version which
uses only httpd.conf and not access.conf or srm.conf :

ScriptAlias /Squid/cgi-bin/ /usr/local/squid/bin/

# Squid Cache Manager Authentication
#
<Location /Squid/cgi-bin/cachemgr.cgi>
AuthUserFile /usr/local/squid/etc/.htpasswd
AuthGroupFile /dev/null
AuthName /Squid/cgi-bin/cachemgr.cgi
AuthType Basic
require user cachemanager
</Location>

5.) Restart apache (/etc/init.d/apache restart or
/usr/local/apache/bin/apachectl restart)

6.) Create cachemanager account:
    /usr/local/apache/bin/htpasswd -c /usr/local/squid/etc/.htpasswd
cachemanager
* This is only the password account that gives you access to the cgi script.
There is a second authentication that can be set up in squid.conf.

7.) At browser, type:
     http://webserver_name/Squid/cgi-bin/cachemgr.cgi
Also, if you are allowing all, there is no need to deny all for you are really
filtering anything. Good luck!

Done
Ben Mckellar wrote:

> Ok,
>
> I receive the password box, but thats about it. Should this work with
> htpasswd ?
>
> Can anyone spot anything with this? help appreciated.
>
> Key features of my configuration
>
> --------/etc/squid/squid.conf----------
> acl password proxy_auth REQUIRED
>
> acl all src 0.0.0.0/0.0.0.0
>
> ------http_Access
> http_access allow localhost
> http_access allow password
> http_access allow all
> http_access deny all
>
> -------Authenticate Program--------
> authenticate_program /usr/bin/htpasswd /etc/passwd
>
> #### Alternatively, can someone please give me the steps to configure NCSA
> into Squid.
>
> WHen i typed make, make install i got an error.
>
> I run Redhat 7.0 standard server install with squid 2.3 stable.
>
> As far as i can see the howtos are made for Freebsd/slackware.. and a lot
> of the tar.gz commands bring back errors etc...
>
> Can someone please shed some light on my dilema.
>
> I dont really know where to go from here...
>
> Thanx in advance.
>
> Ben M
>
> --
> To unsubscribe, see http://www.squid-cache.org/mailing-lists.html

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html