[squid-users] user autehntication in Squid proxy server

From: HoayFern <hoayfern.lee@dont-contact.us>
Date: Sat, 15 Sep 2001 11:12:52 -0700

Hi,

I need to configure user authentication for the squid proxy in E-Smith 4.1.2

I have follow below steps:

here are the steps to install and configure.
  1.. Download the file you choose - either pam_auth of ncsa_auth - I suggest pam_auth
  2.. extract

    a.. tar -zxvf pam_auth.tar.gz
  3.. put file in place and set correct permissions
    a.. mkdir -p /usr/local/squid/bin
    b.. mv pam_auth /usr/local/squid/bin
    c.. chown root /usr/local/squid/bin/pam_auth
    d.. chmod u+s /usr/local/squid/bin/pam_auth
  4.. add a squid config file for pam
    a.. pico /etc/pam.d/squid
    b.. add these two lines
auth required /lib/security/pam_unix.so
account required /lib/security/pam_unix.so

    or for ncsa_auth
cp /stc/shadow /usr/etc/passwd

  5.. add a template to e-smith for the squid.conf file

    a.. mkdir /etc/e-smith/templates-custom/etc/squid/squid.conf
    b.. pico /etc/e-smith/templates-custom/etc/squid/squid.conf/90AuthAdd
    c.. add these lines

authenticate_program /usr/local/squid/bin/pam_auth
authenticate_children 5
acl pwdprotect proxy_auth REQUIRED
http_access allow pwdprotect

  6.. copy the original template-begin
 cp /etc/e-smith/templates/etc/squid/squid.conf/template-begin /etc/e-smith/templates-custom/etc/squid/squid.conf/template-begin

  edit the access rules to remove the allow localhost
pico /etc/e-smith/templates-custom/etc/squid/squid.conf/template-begin

  at approx line 1079 you will find http_access allow localhost comment it by puttting a # in front of the line
  7.. at approx line 1080 you will find http_access deny localhost comment it by puttting a # in front of the line
  8.. expand the template and restart squid

/sbin/e-smith/expand template /etc/squid/squid.conf
/sbin/e-smith/signal-event network-create
in the IE 5.0 in the proxy server i set use a proxy serverAddress : 192.168.168.XPort:3128when i launch the IE 5.0 , the login dialog box comes out:
Enter network PasswordPlease type your username and PasswordFirewal:192.168.168.170Realm Squid proxy-caching web serverUsername: i enter the user account that i created in E-Smith Managerpassword: i enter the user account password that i created in E-Smith Managerthen i click OK
After that THE PAGE CANNOT BE DISPLAYED comes out, even i click Refresh also cannot access to any website, may I know is it because the username and password wrong or any setting wrong ?
After that, i try go to pico /etc/e-smith/templates-custom/etc/squid/squid.conf/template-beginand uncomment the line 1079 and line 1080line 1079: http_access allowLine 1080 http_access denythen i go to IE again and type any address, and i can access to internet.May I know what have I done wrong ?Is it because the username and password wrong ? If username and password wrong, what error message it will comes out ?How can I view the log file see whether what have I done wrong ?please assist because I have try few times still the same prob.I dunno what have i done wrongplease assiststhankshoay fern
 
 
Received on Fri Sep 14 2001 - 21:10:46 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:11 MST