Re: [squid-users] Problem with auth on Squid 3

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 26 Jan 2012 04:28:16 +1300

On 26/01/2012 4:02 a.m., Andrew Burger wrote:
> Hi There,
>
> I'm using squid 3.1.10 and have a problem with authentication.
>
> It work on my prevois version but on the my new Centos 6.2 it just don't want to.
>
> Please see below error.
>
> Starting squid: [FAILED]
> 2012/01/25 16:50:12| Processing Configuration File: /etc/squid/squid.conf (depth 0)
> 2012/01/25 16:50:12| Can't use proxy auth because no authentication schemes are fully configured.
> FATAL: ERROR: Invalid ACL: acl authenticate proxy_auth REQUIRED
>
> Squid Cache (Version 3.1.10): Terminated abnormally.
> CPU Usage: 0.004 seconds = 0.002 user + 0.002 sys
> Maximum Resident Size: 19056 KB
> Page faults with physical i/o: 0
>
> Here with my squid conf file.
>
> #
> # Recommended minimum configuration:
> #
> acl manager proto cache_object
> #acl localhost src 127.0.0.1/32 ::1
> #acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
>
> # Example rule allowing access from your local networks.
> # Adapt to list your (internal) IP networks from where browsing
> # should be allowed
> #acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
> #acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
> #acl localnet src fc00::/7 # RFC 4193 local private network range
> #acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
>
> acl SSL_ports port 443
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 # https
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl Safe_ports port 777 # multiling http
> acl purge method PURGE
> acl CONNECT method CONNECT
> acl localnet src 192.168.15.0/24
> acl to_localnet dst 192.168.15.0/24
> acl authenticate proxy_auth REQUIRED
> acl CONNECT method CONNECT
<snip>

You have an ACL which mandates authentication to pass. But no auth_param
to say what type of authentication your Squid is checking and how.
Which is Exactly what Squid is complaining about with "no authentication
schemes are fully configured".

Amos
Received on Wed Jan 25 2012 - 15:28:22 MST

This archive was generated by hypermail 2.2.0 : Thu Jan 26 2012 - 12:00:03 MST