Re: [squid-users] proxy_auth help

Below I have pasted my acls, http_access and auth_param
lines. I tried what you suggested Edward but I am still
not having any luck. Do I need to type some kind of
password and user name in to get at the Cache Manger
through Webmin? Before I turned proxy_auth on I never had
to type in a password and user name to get at the Cache
manager I simply changed the port and number to 8080. I
know it has to be something simple I am doing wrong but I
for the life of me can’t figure it out.
Also Edward I do not have a wb_group module I have a
wb_auth module I am running samba 2.2.6. Am I suppose to
have a wb_group module?

Thanks for the help so far it is very appreciated.

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl http_ports port 1-65000

acl CONNECT method CONNECT
acl proxy_server dst 172.16.1.226/255.255.255.255
acl restricted_users_websites dstdomain
"/etc/squid/restricted_users_websites.txt"
acl my_network src 172.16.0.0-172.25.0.0/255.255.0.0

external_acl_type NT_auth %LOGIN /usr/lib/squid/wb_auth
acl FullAccess external NT_auth all

acl unrestricted_users proxy_auth
"/etc/squid/unrestricted_users.txt"
acl restricted_users proxy_auth
"/etc/squid/restricted_users.txt"

acl downloads rep_mime_type
"/etc/squid/mime_type_blocked_download.txt"
acl blocked_urls url_regex "/etc/squid/blocked_urls.txt"
acl available_download_websites dstdomain
"/etc/squid/available_download_websites.txt"

http_access deny blocked_urls
http_access allow restricted_users
restricted_users_websites http_ports my_network
http_access allow unrestricted_users all http_ports
my_network
http_access allow proxy_server http_ports my_network
http_access allow FullAccess

http_access allow manager localhost
http_access allow manager FullAccess

auth_param ntlm program /usr/lib/squid/wb_ntlmauth
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes

auth_param basic program /usr/lib/squid/wb_auth
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

On 06 Nov 2002 08:58:38 -0600
  Edward Mann <edward@arctechnology.com> wrote:
>ACL run in order. Using the ip address, something like
>this should do
>the trick.
>
>acl nopasswd src 10.251.0.38/255.255.0.0
>10.251.0.39/255.255.0.0
>
>external_acl_type NT_global_group %LOGIN
>/usr/lib/squid/wb_group
>acl FullAccess external NT_global_group internet
>
>
>http_access allow nopasswd
>http_access allow FullAccess
>
>
>See if that works.
>
>On Wed, 2002-11-06 at 05:48, Chris Tatro wrote:
>> I have all the users authenticating through the NT
>>domain
>> controller via winbind from samba. How do I write a ACL
>> with proxy_auth to allow 2 computer to get through
>>without
>> authenticating?
>> Is this possible?
>>
>> Thanks
>>
>> >PS I found this post which says what I need to do to
>>get my cachemgr.cgi working.
>>
>>
>> >You need to allow the host where cachemgr.cgi runs
>>access without
>> >proxy_auth.
>>
>> >I have a small patch to cachemgr.cgi to allow it to be
>>used in
>> >proxy_auth environments.
>>
>> ---
>> >Henrik Nordstrom
>> >Spare time Squid hacker
>>
>> >Alex Pikus wrote:
>

<TEXTAREA NAME="Signature" ROWS="4" COLS="60"><TEXTAREA
NAME="Signature" ROWS="4" COLS="60">
Received on Wed Nov 06 2002 - 12:43:07 MST