Re: [squid-users] RE: squid Basic authentication from Amos Jeffries on 2013-03-17 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Mon, 18 Mar 2013 13:00:54 +1300

On 18/03/2013 9:58 a.m., hadi wrote:
> It work form me after reading this thread.
> http://www.squid-cache.org/mail-archive/squid-users/200803/0496.html

Shadow file support has apparently been present in that helper since
2006 on every OS which supports the required lookup function.
What operating system (and version) are you using?

> I have convert back shadow to /etc/passwd
> With /usr/sbin/pwunconv
>
> Thanks and regards
> Hadi
>
> -----Original Message-----
> From: hadi
>
> Some body help me with my setup please.
>
>
> Im using squid-3.1.23 trying to configure username/password for
> authentication with local user's (getpwname_auth). It popup for
> authentication but when I supply username and password doesn't work.
> Please help regard this matter.
> May squid.conf
>
> auth_param basic program /usr/local/squid/libexec/getpwname_auth
> auth_param basic utf8 off
> auth_param basic children 15 start=1 idle=1 auth_param basic realm Squid
> proxy Server at proxy.bigmama.com auth_param basic credentialsttl 4 hours
> auth_param basic casesensitive off acl authenticated proxy_auth REQUIRED
> http_access allow authenticated http_access deny all

NP: due to 'deny all' the remaining access controls are never used.

> access.log
> 1362861900.377 1 192.168.0.1 TCP_DENIED/407 4175 GET
> http://www.google.com/ - NONE/- text/html
> 1362861903.039 1 192.168.0.1 TCP_DENIED/407 4282 GET
> http://www.google.com/ hadi NONE/- text/html
> 1362861905.676 1 192.168.0.1 TCP_DENIED/407 4297 GET
> http://www.google.com/ hadi NONE/- text/html
> 1362861931.381 1 192.168.0.1 TCP_DENIED/407 4318 GET
> http://www.google.com/ root NONE/- text/html More error logs from cache with
> set to debug_options ALL,2 29
> 2013/03/16 01:41:02.758| ConnStateData::swanSong: FD 12
> 2013/03/16 01:41:22.128| The request CONNECT www.hotmail.com:443 is DENIED,
> because it matched 'auth'

The request is being denied due to an ACL named "auth". Which does not
exist in your configuration file.

Are you sure you are running the Squid you think you are? there is no
other older version installed somewhere in the background being run instead?

Amos
Received on Mon Mar 18 2013 - 00:01:00 MDT

This archive was generated by hypermail 2.2.0 : Thu Mar 21 2013 - 12:00:04 MDT