How to use htpasswd on squid.conf? - squid

This is a discussion on How to use htpasswd on squid.conf? - squid ; Hi, I have installed the htpasswd for users to authenticate from the Squid proxy server. My squid.conf looks like below. (pls note that the authenticate_program line for htpasswd program path and the htpasswd file is correct). I configured a browser ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: How to use htpasswd on squid.conf?

  1. How to use htpasswd on squid.conf?

    Hi, I have installed the htpasswd for users to authenticate from the
    Squid proxy server. My squid.conf looks like below. (pls note that
    the authenticate_program line for htpasswd program path and the
    htpasswd file is correct). I configured a browser to point to this
    Squid proxy server. However, when I go on any websites, the proxy
    does not prompt any login from the htpasswd file. Do u konw if there
    is anything missing from the conf file below? Or anything wrong with
    the sequence in the conf file?

    Thanks!!!




    cache_peer axroam06.dev.ipass.com parent 3128 3130
    proxy-only
    authenticate_program /usr/local/squid/bin/htpasswd
    /usr/local/squid/etc/squid.htpasswd
    hierarchy_stoplist cgi-bin ?
    acl QUERY urlpath_regex cgi-bin \?
    no_cache deny QUERY
    cache_mem 8000000 bytes
    cache_dir ufs /usr/local/squid/cache 100 16 256
    http_port 3128 8080 80
    acl all src 0.0.0.0/0.0.0.0
    acl chui src 10.10.6.226/255.255.255.255
    #acl manager proto HTTP HTTPS FTP
    acl manager proto cache_object
    acl localhost src 127.0.0.1/255.255.255.255
    acl SSL_ports port 443 563
    acl Safe_ports port 3128 # squid
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 563 # https, snews
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl CONNECT method CONNECT
    http_access allow manager localhost
    http_access deny manager
    http_access deny !Safe_ports
    #http_access allow chui
    http_access allow all
    #http_access allow all
    icp_access allow all
    #icp_access allow chui
    cache_mgr chui@ipass.com
    cache_effective_user nobody
    cache_effective_group nogroup

  2. TIMEOUT_FIRST_UP_PARENT after enabling NCSA_AUTH

    I finally able to make the Squid server to prompt the user for the
    passwd right now. However, it does not take any valid user/passwd.
    Also, from the access_log, I see a bunch of error message about
    TIMEOUT_FIRST_UP_PARENT. Could anyone tell me what does that mean? I
    believe this is related to the NCSA, since I don't see this error if I
    don't use the authentication option. It would be great if someone can
    tell me what could go wrong... thanks!

    Please notes, the squid.htpasswd file was created like this

    htpasswd /usr/local/squid/etc/squid.htpasswd

    Here is how my squid.conf looks like:

    cache_peer axroam06.dev.ipass.com parent 3128 3130
    proxy-only
    hierarchy_stoplist cgi-bin ?
    acl QUERY urlpath_regex cgi-bin \?
    no_cache deny QUERY
    cache_mem 8000000 bytes
    cache_dir ufs /usr/local/squid/cache 100 16 256
    authenticate_program /usr/local/squid/bin/ncsa_auth
    /usr/local/squid/etc/squid.htpasswd
    acl password proxy_auth REQUIRED
    http_port 3128 8080 80
    acl all src 0.0.0.0/0.0.0.0
    acl manager proto HTTP HTTPS FTP
    acl manager proto cache_object
    acl localhost src 127.0.0.1/255.255.255.255
    acl SSL_ports port 443 563
    acl Safe_ports port 3128 # squid
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 563 # https, snews
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl CONNECT method CONNECT
    http_access allow password all
    http_access allow manager localhost
    #http_access deny manager
    http_access deny !Safe_ports
    cache_mgr chui@ipass.com
    #cache_effective_user nobody
    #cache_effective_group nogroup
    logfile_rotate 10

    chui@ipass.com (Cathy) wrote in message news:...
    > Hi, I have installed the htpasswd for users to authenticate from the
    > Squid proxy server. My squid.conf looks like below. (pls note that
    > the authenticate_program line for htpasswd program path and the
    > htpasswd file is correct). I configured a browser to point to this
    > Squid proxy server. However, when I go on any websites, the proxy
    > does not prompt any login from the htpasswd file. Do u konw if there
    > is anything missing from the conf file below? Or anything wrong with
    > the sequence in the conf file?
    >
    > Thanks!!!
    >
    >
    >
    >
    > cache_peer axroam06.dev.ipass.com parent 3128 3130
    > proxy-only
    > authenticate_program /usr/local/squid/bin/htpasswd
    > /usr/local/squid/etc/squid.htpasswd
    > hierarchy_stoplist cgi-bin ?
    > acl QUERY urlpath_regex cgi-bin \?
    > no_cache deny QUERY
    > cache_mem 8000000 bytes
    > cache_dir ufs /usr/local/squid/cache 100 16 256
    > http_port 3128 8080 80
    > acl all src 0.0.0.0/0.0.0.0
    > acl chui src 10.10.6.226/255.255.255.255
    > #acl manager proto HTTP HTTPS FTP
    > acl manager proto cache_object
    > acl localhost src 127.0.0.1/255.255.255.255
    > acl SSL_ports port 443 563
    > acl Safe_ports port 3128 # squid
    > acl Safe_ports port 80 # http
    > acl Safe_ports port 21 # ftp
    > acl Safe_ports port 443 563 # https, snews
    > acl Safe_ports port 70 # gopher
    > acl Safe_ports port 210 # wais
    > acl Safe_ports port 1025-65535 # unregistered ports
    > acl Safe_ports port 280 # http-mgmt
    > acl Safe_ports port 488 # gss-http
    > acl Safe_ports port 591 # filemaker
    > acl Safe_ports port 777 # multiling http
    > acl CONNECT method CONNECT
    > http_access allow manager localhost
    > http_access deny manager
    > http_access deny !Safe_ports
    > #http_access allow chui
    > http_access allow all
    > #http_access allow all
    > icp_access allow all
    > #icp_access allow chui
    > cache_mgr chui@ipass.com
    > cache_effective_user nobody
    > cache_effective_group nogroup


+ Reply to Thread