Thanks! Works great, proxy_auth has to be replaced with src though otherwise its a syntax error (:
Regards, FB > -----Original Message----- > From: Ernest Johanson [mailto:[EMAIL PROTECTED] > Sent: 16 July 2003 21:09 > To: Botha, Francois > Cc: '[EMAIL PROTECTED]' > Subject: RE: squid user_auth > > > Right. Here localusers is the acl to require passwords. > > What about the following: > > >acl all src 0.0.0.0/0.0.0.0 > >acl localnetwork proxy_auth 192.168.0.0/255.255.255.0 > > remove the proxy_auth here. The config file says that a list > of usernames follows proxy_auth, unless using REQUIRED keyword. > > >acl localusers proxy_auth REQUIRED > >http_access deny !localnetwork > >http_access allow localusers > > insert all after allow so that it reads: > > http_access allow all localusers > > > > > Ernest Johanson > Systems Administrator > Fuller Theological Seminary > > > On Wed, 16 Jul 2003, Botha, Francois wrote: > > > Date: Wed, 16 Jul 2003 16:20:00 +0200 > > From: "Botha, Francois" <[EMAIL PROTECTED]> > > To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> > > Cc: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> > > Subject: RE: squid user_auth > > > > Hi, > > > > "password" is not a acl, I tried proxy_auth but still no go ): > > > > Regards, > > FB > > > > > -----Original Message----- > > > From: Ernest Johanson [mailto:[EMAIL PROTECTED] > > > Sent: 15 July 2003 19:30 > > > To: Botha, Francois > > > Cc: Debian-User > > > Subject: Re: squid user_auth > > > > > > > > > Francois, > > > > > > Try adding the keyword "password" to the end of your > > > http_access allow directives. > > > > > > > > > Ernest Johanson > > > Systems Administrator > > > Fuller Theological Seminary > > > > > > > > > On Tue, 15 Jul 2003, Botha, Francois wrote: > > > > > > > Date: Tue, 15 Jul 2003 14:02:59 +0200 > > > > From: "Botha, Francois" <[EMAIL PROTECTED]> > > > > To: Debian-User <[EMAIL PROTECTED]> > > > > Subject: squid user_auth > > > > > > > > Hi, > > > > > > > > I'm playing with squid-2.4.6-2 on a 3.0/stable machine and > > > am having > > > > problems with the user authentication bit. My > > > authentication side of > > > > the httpd.conf has: > > > > > > > > -- snip -- > > > > acl all src 0.0.0.0/0.0.0.0 > > > > acl localnetwork proxy_auth 192.168.0.0/255.255.255.0 > > > > acl localusers proxy_auth REQUIRED > > > > http_access deny !localnetwork > > > > http_access allow localusers > > > > http_access allow localnetwork > > > > http_access deny all > > > > proxy_auth_realm Squid proxy-caching web server > > > authenticate_program > > > > /usr/lib/squid/ncsa_auth /etc/passwd.squid #authenticate_program > > > > /usr/lib/squid/pam_auth #authenticate_program /tmp/test.sh > > > > -- /snip -- > > > > > > > > My squid dialog box pops up asking for username and > > > password, I fill > > > > this in (using ncsa_auth with /etc/passwd.squid with htpasswd -d > > > > generated > > > > passwords) and the box just pops up again, nothing in any > > > logs regarding > > > > this. > > > > When I use ncsa_auth from the commandline with "username > > > password" i get the > > > > OK so all is well there. > > > > > > > > I've tried the same with pam_auth, and it also just pops up > > > again in > > > > the browser as-if my password is wrong, yet again - if I > > > run it from > > > > the commandline, it's happy. > > > > > > > > And yes, I have checked permissions of the > /etc/passwd.squid, it > > > > is > > > > only readable to the squid user (proxy), I've tried > > > changing this to > > > > a+rw out of desperateness but it's still acting the same way (: > > > > > > > > I've also made a simple shell script in /tmp which prints > > > $@ for me to > > > > another file, squid executes this but passes nothing as a > > > > argument, > > > > i've put a 'read' line in the script and passed that > towards a file > > > > aswell and also got nothing?! > > > > > > > > -- snip -- > > > > #!/bin/bash > > > > # > > > > > > > > while true ; do > > > > echo I was passed $@ > /tmp/test.out > > > > read vars > > > > echo I was also passed $vars >> /tmp/test.out > > > > echo OK > > > > done > > > > -- /snip -- > > > > > > > > Output: > > > > > > > > -- snip -- > > > > I was passed > > > > -- /snip -- > > > > > > > > So, it does not get to filling in the read line bit?! > > > > > > > > I've searched all I could online and the only real > problem is with > > > > permissions of the passwd file - which I know is not a > > > problem. Does > > > > anybody have any ideas? > > > > > > > > Thanks, > > > > Francois Botha > > > > > > > > Snr. Systems Engineer > > > > e-mail: [EMAIL PROTECTED] > > > > http://www.thawte.com > > > > > > > > > > > > > -- > > > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > > > with a subject of "unsubscribe". Trouble? Contact > > > [EMAIL PROTECTED] > > > > > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
