[squid-users] Squid in acceleration mode and authentciation from Rakesh Jha on 2010-05-02 (squid-users)

From: Rakesh Jha <rakesh_at_burgan.com>
Date: Sun, 2 May 2010 14:20:59 +0300

Hi,

I want to run squid in acceleration mode for a internal site. The ISS
site prompts window for authentication. When I connect to the site I get
window prompt for entering username and password. But after entering
domain username and password, I get access denied to the site.

I have compiled squid 3 with following option -

/sbin/squid -v
Squid Cache: Version 3.1.0.17
configure options: '--enable-ssl' '--enable-ntlm-auth'
'--enable-basic-auth' --with-squid=/tmp/squid-3.1.0.17
--enable-ltdl-convenience

My squid.conf is

acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl bd_host dst 10.10.3.41/32
acl all src 0.0.0.0/0.0.0.0
acl SSL_ports port 443
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

http_access allow bd_host
http_access allow all
icp_access deny all
htcp_access deny all

https_port 10.1.1.97:443 defaultsite=tpaspp01 protocol=http
cert=/usr/local/cert/cert.crt key=/usr/local/cert/private.key version=3
options=NO_SSLv2

ssl_unclean_shutdown on

cache_peer tpaspp01 parent 80 0 no-query proxy-only login=PASS
front-end-https=on

hierarchy_stoplist cgi-bin ?

access_log /usr/local/squid/var/logs/access.log squid

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern . 0 20% 4320

cache_effective_user squid
cache_effective_group squid

visible_hostname bdproxy

icp_port 3130

auth_param basic program /usr/local/squid/pam_auth
auth_param basic children 5
auth_param basic realm Adzapping Squid
auth_param basic credentialsttl 1 week
acl password proxy_auth REQUIRED
http_access allow password

Please inform me what am I missing???????

Thanks
Rakesh
Attention:
Any non-official business related views, opinions and other information presented in this electronic mail
are solely those of the sender/author.
Burgan Bank does not endorse or accept responsibility for their opinions. If you are not the addressed
indicated in this mail or responsible for delivering this message to the intended,
you should delete this message and notify the sender immediately.
-------------------------------------------------------
Burgan Bank S.A.K
www.burgan.com
Received on Sun May 02 2010 - 11:21:24 MDT

This archive was generated by hypermail 2.2.0 : Sun May 02 2010 - 12:00:03 MDT