[squid-users] using squid-2.6 with mod_auth_kerb-5.3, httpd-2.2.4, and Active Directory

From: Paul Koppel <pkoppe01@dont-contact.us>
Date: Mon, 30 Apr 2007 14:28:16 -0700 (PDT)

(very new to squid)

I am using Windows 2003 Active Directory/KDC and can
successfully login to a protected subdirectory
../htdocs/private on the apache system with
mod_auth_kerb - a "kerberos" dialog box opens up
asking for username/password.

I would like to point squid reverse proxy to the
apache system. Using a url redirect program, I
finally figured out how to point squid to "private"
the kerberos dialog box appears but I can't login.

Do I need to use a authentication helper program - if
so, which one? Ideally I would like all of the
authentication to stay within Windows 2003 server and
simply pass a username/password to the backend apache
server.

Also I know that I need to add proxy_auth in
squid.conf. Here are a few details of my squid.conf
which I believe to be incomplete or incorrect.
Without the proxy_auth steps, squid starts up OK, but
seems to have problems when I add proxy_auth in to
squid.conf

cache_peer 172.20.175.101 parent 80 0 no-query
originserver weight=1 login=PASS no-digest
connection-auth=on

acl our_networks src 172.20.175.0/24
http_access allow our_networks
http_access allow localhost

acl our_networks_auth proxy_auth REQUIRED
http_access allow our_networks_auth
http_access deny all

Thanks in advance for your help.

-- pk

 

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Received on Mon Apr 30 2007 - 15:28:23 MDT

This archive was generated by hypermail pre-2.1.9 : Tue May 01 2007 - 12:00:01 MDT