[squid-users] RE: Squid, Java, Basic Authentication from Brian Bepristis on 2007-03-23 (squid-users)

From: Brian Bepristis <bbepristis@dont-contact.us>
Date: Fri, 23 Mar 2007 10:48:42 -0400

Hey all I have squid setup and has been running for some time at one of
my customers sites however when every they visit this site with java it
keeps asking for the username and password and we are typing it in
correctly but I need to get this issue resolved today. So any help would
be much appreciated here is the conf and here is the cache.log and the
access.log thanks for the help

Cache LOG
-------------------------------------------
2007/03/23 13:58:52| The request CONNECT dealerconnect.chrysler.com:443
is ALLOWED, because it matched 'SSL_ports'
2007/03/23 13:58:54| The request CONNECT dealerconnect.chrysler.com:443
is ALLOWED, because it matched 'SSL_ports'
2007/03/23 13:58:56| The request CONNECT dealerconnect.chrysler.com:443
is ALLOWED, because it matched 'SSL_ports'
2007/03/23 13:58:56| The request CONNECT
w02.dealerconnect.chrysler.com:443 is ALLOWED, because it matched
'SSL_ports'
2007/03/23 13:58:57| The request CONNECT
w02.dealerconnect.chrysler.com:443 is ALLOWED, because it matched
'SSL_ports'
2007/03/23 13:58:58| The request CONNECT
w02.dealerconnect.chrysler.com:443 is DENIED, because it matched
'AuthorizedUsers'
2007/03/23 13:59:11| The request CONNECT
w02.dealerconnect.chrysler.com:443 is DENIED, because it matched
'AuthorizedUsers'
2007/03/23 13:59:11| The request CONNECT
w02.dealerconnect.chrysler.com:443 is DENIED, because it matched
'AuthorizedUsers'

Access.log
------------------------------------------------------
1174672732.220 339 127.0.0.1 TCP_MISS/200 10693 CONNECT
w02.dealerconnect.chrysler.com:443 bbepristis DIRECT/129.9.232.94 -
1174672732.276 440 127.0.0.1 TCP_MISS/200 5137 CONNECT
dealerconnect.chrysler.com:443 bbepristis DIRECT/129.9.153.34 -
1174672732.438 205 127.0.0.1 TCP_MISS/200 2428 CONNECT
w02.dealerconnect.chrysler.com:443 bbepristis DIRECT/129.9.232.94 -
1174672732.582 265 127.0.0.1 TCP_MISS/200 5582 CONNECT
dealerconnect.chrysler.com:443 bbepristis DIRECT/129.9.155.34 -
1174672732.680 454 127.0.0.1 TCP_MISS/200 5248 CONNECT
w02.dealerconnect.chrysler.com:443 bbepristis DIRECT/129.9.116.38 -
1174672732.707 382 127.0.0.1 TCP_MISS/200 2785 CONNECT
dealerconnect.chrysler.com:443 bbepristis DIRECT/129.9.153.34 -
1174672732.816 219 127.0.0.1 TCP_MISS/200 2516 CONNECT
dealerconnect.chrysler.com:443 bbepristis DIRECT/129.9.155.34 -
1174672733.107 381 127.0.0.1 TCP_MISS/200 2921 CONNECT
w02.dealerconnect.chrysler.com:443 bbepristis DIRECT/129.9.116.38 -
1174672733.189 356 127.0.0.1 TCP_MISS/200 5198 CONNECT
dealerconnect.chrysler.com:443 bbepristis DIRECT/129.9.153.34 -
1174672735.371 592 127.0.0.1 TCP_MISS/200 31453 CONNECT
dealerconnect.chrysler.com:443 bbepristis DIRECT/129.9.155.34 -
1174672737.171 527 127.0.0.1 TCP_MISS/200 10693 CONNECT
w02.dealerconnect.chrysler.com:443 bbepristis DIRECT/129.9.232.94 -
1174672737.173 536 127.0.0.1 TCP_MISS/200 5646 CONNECT
dealerconnect.chrysler.com:443 bbepristis DIRECT/129.9.153.34 -
1174672737.627 429 127.0.0.1 TCP_MISS/200 5368 CONNECT
w02.dealerconnect.chrysler.com:443 bbepristis DIRECT/129.9.116.38 -
1174672738.198 5 127.0.0.1 TCP_DENIED/407 1780 CONNECT
w02.dealerconnect.chrysler.com:443 - NONE/- text/html
1174672751.348 5 127.0.0.1 TCP_DENIED/407 1780 CONNECT
w02.dealerconnect.chrysler.com:443 - NONE/- text/html
1174672751.373 5 127.0.0.1 TCP_DENIED/407 1780 CONNECT
w02.dealerconnect.chrysler.com:443 - NONE/- text/html

Conf File
------------------------------------------------------------------

http_port 3128
cache_log /var/log/squid/cache.log
debug_options ALL,1 33,2
auth_param basic program /usr/lib/squid/smb_auth -W FAC -U
192.168.101.144
auth_param basic children 5
auth_param basic realm NextFilter
auth_param basic credentialsttl 168 hours
#auth_param basic credentialsttl .014 hours
auth_param basic casesensitive off

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

acl Java browser Java/1.4 Java/1.5
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl nopasswd url_regex "/etc/squid/nopasswd"
acl manheim port 1002 1003 1004 1005 9100 9101-9105 9201 - 9205 9301-
9305 9401 - 9405 9501 - 9505 9601 - 9605
acl SSL_ports port 443 563
acl http_ports port 80
acl Safe_ports port 21 # ftp
acl Safe_ports port 22 #SSH
acl Safe_ports port 23 #Telnet
acl Safe_ports port 8080 #Tomcat
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl AuthorizedUsers proxy_auth REQUIRED
http_access allow AuthorizedUsers http_ports
http_access allow all manheim
http_access allow all Java
http_access allow all SSL_ports
http_access allow all CONNECT SSL_ports
http_access allow all nopasswd
http_access allow all Safe_ports
http_reply_access allow all
icp_access allow all
Received on Fri Mar 23 2007 - 08:48:50 MDT

This archive was generated by hypermail pre-2.1.9 : Sat Mar 31 2007 - 13:00:02 MDT