RE: [squid-users] Reverse proxy auth problem from Laurikainen, Tuukka on 2006-11-20 (squid-users)

From: Laurikainen, Tuukka <t.laurikainen@dont-contact.us>
Date: Mon, 20 Nov 2006 16:52:24 +0100

Hi Aurelien,

Try login=PASS on the cache_peer directive.

I.e.

cache_peer 192.168.66.52 parent 80 0 originserver login=PASS default

Kind regards,

Tuukka

> -----Original Message-----
> From: Aurelien beorn Rougemont [mailto:beorn@eswc.biz]
> Sent: Monday, November 20, 2006 4:36 PM
> To: squid-users@squid-cache.org
> Subject: [squid-users] Reverse proxy auth problem
>
> Hello,
>
> I'm currentlly using Squid 2.6 as a reverse proxy for some hosting
> project. So far the results were good, but when i have tried to add some
> htaccess adding some auth on the webserver the troubles came in.
>
> works fine : browser ------> [www]
> Auth failure then http error 401 : browser -----> [squid] ------> [www]
>
> Knowing that i will never use the proxy's auth mecanisms, has anyone has
> any advice on this ?
>
> Best regards,
>
> Aurélien "beorn" Rougemont.
>
>
> some information :
>
>
> - linux 2.6 kernel (debian)
> - squid -v gives :
>
> Squid Cache: Version 2.6.STABLE4
> configure options: '--prefix=/usr' '--exec_prefix=/usr'
> '--bindir=/usr/sbin' '--sbindir=/usr/sbin'
> '--libexecdir=/usr/lib/squid' '--sysconfdir=/etc/squid'
> '--localstatedir=/var/spool/squid' '--datadir=/usr/share/squid'
> '--enable-async-io' '--with-pthreads'
> '--enable-storeio=ufs,aufs,coss,diskd,null'
> '--enable-linux-netfilter' '--enable-linux-proxy' '--enable-arp-acl'
> '--enable-epoll' '--enable-removal-policies=lru,heap'
> '--enable-snmp' '--enable-delay-pools' '--enable-htcp'
> '--enable-cache-digests' '--enable-underscores'
> '--enable-referer-log' '--enable-useragent-log'
> '--enable-auth=basic,digest,ntlm' '--enable-carp'
> '--with-large-files' 'i386-debian-linux'
> 'build_alias=i386-debian-linux' 'host_alias=i386-debian-linux'
> 'target_alias=i386-debian-linux
>
> - squid .conf is :
>
> http_port A.B.C.D:80 vhost vport
> http_port E.F.G.H:80 vhost vport
> http_port 127.0.0.1:80
> icp_port 0
> cache_peer 192.168.66.52 parent 80 0
> originserver default
> #cache_effective_user squid
> #cache_effective_group squid
> maximum_object_size_in_memory 20 MB
> cache_mem 256 MB
> cache_swap_low 94
> cache_swap_high 98
> maximum_object_size 512 MB
> cache_dir ufs /var/spool/squid 20480 256
> 256
> cache_mgr servers@url.com
> visible_hostname the.url.com
> memory_pools on
> memory_pools_limit 32 MB
> logformat combined %{Host}>h %>a %ui %un
> [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h"
> %Ss:%Sh
> logformat vcombined %{Host}>h %>a %ui %un
> [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h"
> access_log /var/log/squid/access.log
> combined
> access_log /var/log/squid/vaccess.log
> vcombined
> cache_store_log /var/log/squid/store.log
> cache_log /var/log/squid/cache.log
> logfile_rotate 60
> collapsed_forwarding on
> vary_ignore_expire on
> acl all src 0.0.0.0/0.0.0.0
> acl localhost src
> 127.0.0.1/255.255.255.255
> acl manager proto cache_object
> acl from_localhost src
> 127.0.0.1/255.255.255.255
> acl from_dmz src 192.168.66.0/24
> acl to_accel_hosts dst
> A.B.C.D/255.255.255.255
> http_access allow to_accel_hosts
> http_access allow from_dmz
> http_access allow manager from_localhost
> http_access deny manager
> http_access deny all
> #deny_info http://the.url.com from_all
>
Received on Mon Nov 20 2006 - 08:54:57 MST

This archive was generated by hypermail pre-2.1.9 : Fri Dec 01 2006 - 12:00:03 MST