Re: [squid-users] Squid authentication objects by source ip

On 12/04/2023 11:14 pm, hans.peter.wurst2000 wrote: Hello, i have currently a problem to setup squid authentication with kerberos. The problem is not the authentication itself. It works fine, but only for one AD-Domain. I have 6 AD Domains that have to authenticate trough this squid-proxy. In

[squid-users] Squid authentication objects by source ip

Hello, i have currently a problem to setup squid authentication with kerberos. The problem is not the authentication itself. It works fine, but only for one AD-Domain. I have 6 AD Domains that have to authenticate trough this squid-proxy. In the documentation "https://wiki.squid-cache.org/Feat

Re: [squid-users] Squid authentication issues

metrio Bacci Verzonden: donderdag 30 juli 2020 19:37 Aan: Squid Users Onderwerp: [squid-users] Squid authentication issues Hi, I set up Squid 4.6 on Debian 10 and I'm having problems with browser authentication on a Wind

[squid-users] Squid authentication issues

Hi, I set up Squid 4.6 on Debian 10 and I'm having problems with browser authentication on a Windows station. I did the tests on the command line and apparently it's OK. root@proxy:/etc/squid/acls# /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic Registered MSG_REQ_POOL_USAGE Registered MSG_

Re: [squid-users] Squid authentication problem (Amos Jeffries)

Thanks for all the help. I just checked the /etc/squid/passwords file, turns out I mistakenly used htpasswd -c when saving the last username, password and all the previous ones got overwritten. After fixing that, the config file I wrote earlier worked fine. With regards, Sonya Roy On Tue, Jun 20

Re: [squid-users] Squid authentication problem (Amos Jeffries)

On 20/06/17 10:50, Sonya Roy wrote: Hi, Thanks for the links. So I tried what you suggested and for testing, I was using this simple config:- http_port 8080 auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords auth_param basic realm proxy external_acl_type checkclient c

Re: [squid-users] Squid authentication problem (Amos Jeffries)

Hi, Thanks for the links. So I tried what you suggested and for testing, I was using this simple config:- http_port 8080 auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords auth_param basic realm proxy external_acl_type checkclient children-max=20 %MYADDR %LOGIN /usr/loca

Re: [squid-users] Squid authentication problem (Amos Jeffries)

On 20/06/17 09:15, Amos Jeffries wrote: On 20/06/17 03:20, Sonya Roy wrote: Since you are saying the IP that can be passed to the helpers is configurable, how would I pass the local IP of the server that the client connected to? I checked out the helpers you mentioned, there they check which IP

Re: [squid-users] Squid authentication problem (Amos Jeffries)

On 20/06/17 03:20, Sonya Roy wrote: Since you are saying the IP that can be passed to the helpers is configurable, how would I pass the local IP of the server that the client connected to? I checked out the helpers you mentioned, there they check which IP the connection is coming from. Not the l

Re: [squid-users] Squid authentication problem (Amos Jeffries)

Since you are saying the IP that can be passed to the helpers is configurable, how would I pass the local IP of the server that the client connected to? I checked out the helpers you mentioned, there they check which IP the connection is coming from. Not the local IP of the server that the client

Re: [squid-users] Squid authentication problem (Amos Jeffries)

On 20/06/17 00:09, Sonya Roy wrote: Hi, From what I saw with using IP as part of then authentication, it checks which IP the user is connecting to the server from. What I want to check is which public IP of the server the user is connecting to. The IP is whichever one you pass to the various h

Re: [squid-users] Squid authentication problem (Amos Jeffries)

e ssl-bump option. > (Alex Rousskov) >3. Re: squid 4.0.20 does not recognize ssl-bump option. > (Amos Jeffries) > > > -- > > Message: 1 > Date: Mon, 19 Jun 2017 00:56:31 +1200 > From:

Re: [squid-users] Squid authentication problem

On 18/06/17 17:50, Sonya Roy wrote: Hi, I am running squid on a server with multiple public IPs and I want some users to be able to access the proxy through some of the IPs and other users through other IPs. At the moment I have acl rules of the form:- acl abcd myip x.x.x.x What you need

[squid-users] Squid authentication problem

Hi, I am running squid on a server with multiple public IPs and I want some users to be able to access the proxy through some of the IPs and other users through other IPs. At the moment I have acl rules of the form:- acl abcd myip x.x.x.x and for these acl rules I have these tcp_outgoing_address

Re: [squid-users] Squid Authentication if URL is on a Blacklist from SquidGuard

Behalf Of Amos Jeffries Sent: Tuesday, April 4, 2017 9:18 AM To: squid-users@lists.squid-cache.org Subject: Re: [squid-users] Squid Authentication if URL is on a Blacklist from SquidGuard On 31/03/2017 9:22 p.m., CrossfireAUT wrote: > Hello Squid-Community! > > I need your help with a r

Re: [squid-users] Squid Authentication if URL is on a Blacklist from SquidGuard

On 5/04/2017 7:48 p.m., CrossfireAUT wrote: > /If you have such a thing as AD and the ability to push Group Policy to > the users there is no need to avoid authentication./ > > I have a running AD on Ubuntu 16.04 with samba4. > > > /Perhapse the client is actually asking to get away from lots of

Re: [squid-users] Squid Authentication if URL is on a Blacklist from SquidGuard

/If you have such a thing as AD and the ability to push Group Policy to the users there is no need to avoid authentication./ I have a running AD on Ubuntu 16.04 with samba4. /Perhapse the client is actually asking to get away from lots of annoying popups the browsers are forcing on them? if that

Re: [squid-users] Squid Authentication if URL is on a Blacklist from SquidGuard

On 31/03/2017 9:22 p.m., CrossfireAUT wrote: > Hello Squid-Community! > > I need your help with a rather non-standard config. > My aim is as following: > -> Users that use my proxy (will deploy it via group policy in AD) should be > able to use my proxy without authentication If you have such a t

[squid-users] Squid Authentication if URL is on a Blacklist from SquidGuard

Hello Squid-Community! I need your help with a rather non-standard config. My aim is as following: -> Users that use my proxy (will deploy it via group policy in AD) should be able to use my proxy without authentication -> if a user invokes SquidGuard (he wants to call up a URL on my blacklists),

Re: [squid-users] Squid Authentication with HTTP REST API

On 20/03/2017 7:49 p.m., Serhat Koroglu wrote: > Sorry for late reply. > > I have find a suitable solution for validation through a http web > service. Here tells developing custom helper even using php: > http://freesoftwaremagazine.com/articles/authentication_with_squid/ > That's nice. > > > T

Re: [squid-users] Squid Authentication with HTTP REST API

On 20/03/2017 9:27 p.m., Eliezer Croitoru wrote: > Hey Serhat, > > The right way to support OAUTH2 or any similar idea would be using an ICAP > service or ECAP module(to my knowledge). Sigh. Another perfect example of how giving us incorrect information results in bad answers. OAuth2 is an actu

Re: [squid-users] Squid Authentication with HTTP REST API

at Koroglu [mailto:serhatkoro...@outlook.com] Sent: Monday, March 20, 2017 8:49 AM To: Eliezer Croitoru ; squid-users@lists.squid-cache.org Subject: Re: [squid-users] Squid Authentication with HTTP REST API Sorry for late reply. I have find a suitable solution for validation through a http web service.

Re: [squid-users] Squid Authentication with HTTP REST API

toru Sent: Wednesday, March 15, 2017 12:01:15 PM To: 'Serhat Koroglu' Cc: squid-users@lists.squid-cache.org Subject: RE: [squid-users] Squid Authentication with HTTP REST API Hey Serhat,(first name right?) >From what I understand you have a specific case. Today the squid project doe

Re: [squid-users] Squid Authentication with HTTP REST API

Sent: Wednesday, March 15, 2017 4:04 AM To: squid-users@lists.squid-cache.org Subject: Re: [squid-users] Squid Authentication with HTTP REST API On 14/03/2017 8:15 p.m., Serhat Koroglu wrote: > Hello, > > Is there any possibilty implementing an authentication through a custom XML > Web Service

Re: [squid-users] Squid Authentication with HTTP REST API

On 14/03/2017 8:15 p.m., Serhat Koroglu wrote: > Hello, > > Is there any possibilty implementing an authentication through a custom XML > Web Service or HTTP REST API? What should I check? > Squid supports the HTTP authentication framework (RFC 7235 ). Squid

[squid-users] Squid Authentication with HTTP REST API

Hello, Is there any possibilty implementing an authentication through a custom XML Web Service or HTTP REST API? What should I check? ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users

[squid-users] Squid Authentication - Problems

Hi I have tried to use only Kerberos authentication, but didn't work! I have already used the 3 way below: 1) auth_param negotiate program /usr/lib/squid3/negotiate_kerberos_auth 2) auth_param negotiate program /usr/lib/squid3/negotiate_kerberos_auth -s GSS_C_NO_NAME -i 3) auth_param negotiate pr

Re: [squid-users] Squid Authentication

On 15/08/2016 10:19 p.m., Marcio Demetrio Bacci wrote: > In my network I have Windows and Linux computers. > I tried the NTLM authentication method, but is experiencing many problems. FYI, Microsoft deprecated NTLM in 2006 and all software produced by them since has been migrating towards Kerberos

[squid-users] Squid Authentication

In my network I have Windows and Linux computers. I tried the NTLM authentication method, but is experiencing many problems. So I wonder if the authentication method "squid_ldap_auth" is designed for Windows and Linux stations? Regards, Márcio ___ squid

Re: [squid-users] Squid Authentication with Window AD

On 16/03/2016 10:25 p.m., vibhorsaraswat wrote: > Hello All, > > I am getting the below error during authentication, can any one helo me > EHLO. > > wbinfo -a auth_squi > Enter auth_squid's password: > plaintext password authentication failed > Could not authenticate user auth_squi

Re: [squid-users] Squid Authentication with Window AD

Hello, Can anyone help me. -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Authentication-with-Window-AD-tp4676708p4676709.html Sent from the Squid - Users mailing list archive at Nabble.com. ___ squid-users

[squid-users] Squid Authentication with Window AD

Hello All, I am getting the below error during authentication, can any one helo me wbinfo -a auth_squi Enter auth_squid's password: plaintext password authentication failed Could not authenticate user auth_squid with plaintext password Enter auth_squid's password: could not obtain wi

Re: [squid-users] squid authentication mechs

On 17/12/2015 5:35 a.m., Eugene M. Zheganin wrote: > Hi. > > Is there a way to limit the number of available authentication > mechanisms (for a client browser) basing on certain squid IP which this > browser connects to, like, using http_port configuration directive ? For > example this is needed

[squid-users] squid authentication mechs

Hi. Is there a way to limit the number of available authentication mechanisms (for a client browser) basing on certain squid IP which this browser connects to, like, using http_port configuration directive ? For example this is needed when one need to allow the non-domain machines to pass thr

Re: [squid-users] squid authentication to remote sql server

On 15/02/2015 8:25 a.m., snakeeyes wrote: > Hi Amos , > > Shoudnt the user tested is the user that I gave him the grant ??? The 'user' who got a SQL "GRANT" is the software user whch is allowed to acccess the DB contents. That should only be Squid and/or your sysadmin who changes users records.

Re: [squid-users] squid authentication to remote sql server

g ==> is says access denied Wt do you think Amos ? Try another squid verson ? or wt ? -Original Message- From: Amos Jeffries [mailto:squ...@treenet.co.nz] Sent: Friday, February 13, 2015 1:54 PM To: snakeeyes; squid-users@lists.squid-cache.

Re: [squid-users] squid authentication to remote sql server

On 14/02/2015 5:35 p.m., snakeeyes wrote: > Hi Amos , can you chk below plz ? > > > mysql> select * from squid ; > ++--+-+---+-+ > | user | password | enabled | fullname | comment | > ++--+-+---+---

Re: [squid-users] squid authentication to remote sql server

http://yahoo.com/ nikesh HIER_NONE/- text/html 1423799270.459 1556 192.168.1.6 TCP_DENIED/407 4194 GET http://yahoo.com/ nikesh HIER_NONE/- text/html Any help ?? Should shoud I try more ? -Original Message- From: Amos Jeffries [mailto:squ...@treenet.co.nz] Sent: Tuesday,

Re: [squid-users] squid authentication , & ACL select from databse SQL , is that possible ?

Hi, You can authenticate user and password from sql database using the helper "squid_db_auth". But, allowing website for corresponding user by storing in db is not possible. You can use various ACLs to control the site access for the individual users. Instead of storing website in particul

[squid-users] squid authentication , & ACL select from databse SQL , is that possible ?

Hi I need to do many operations : I need squid with sql with the following needs : 1- Squid authenticate user/pwd from sql databse. 2- Then if authentication was okay , they I need to see that username logged in and go to sql databse and select from there a cloum with the websites c

Re: [squid-users] squid authentication to remote sql server

On 11/02/2015 8:40 p.m., snakeeyes wrote: > Hi amos > I hadded squi/squid in the table > > mysql> show tables > -> ; > +-+ > | Tables_in_squid | > +-+ > | passwd | > +-+ > 1 row in set (0.00 sec) > > mysql> select * from passwd; > +

Re: [squid-users] squid authentication to remote sql server

? > > > > how can u help me ? login with md5 or wt ?? Of course, no. > > > -Original Message- From: Amos Jeffries > [mailto:squ...@treenet.co.nz] Sent: Tuesday, February 10, 2015 1:29 > PM To: Ahmad; squid-users@lists.squid-cache.org Subject: Re: > [squid-users] squi

Re: [squid-users] squid authentication to remote sql server

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Amos, MD5 insufficient. As minimum, SHA256 with salt. New Oracle RDBMS use SHA to store user's password. And don't forget about SQL Injection and password cracking farms.. 11.02.15 3:28, Amos Jeffries пишет: > On 11/02/2015 8:17 p.m., Ahmad w

Re: [squid-users] squid authentication to remote sql server

id-cache.org Subject: Re: [squid-users] squid authentication to remote sql server On 11/02/2015 8:17 p.m., Ahmad wrote: > Thank you amos , I fixed the table thing , but I have new error now : > > /lib/squid/basic_db_auth --dsn > "DBI:mysql:host=x.xx..189.177;port=3306;database=squid&

Re: [squid-users] squid authentication to remote sql server

On 11/02/2015 8:17 p.m., Ahmad wrote: > Thank you amos , I fixed the table thing , but I have new error now : > > /lib/squid/basic_db_auth --dsn > "DBI:mysql:host=x.xx..189.177;port=3306;database=squid" --user "squid" > --password "squid" --table "passwd" --usercol "user" --passwdcol "password"

Re: [squid-users] squid authentication to remote sql server

password" --cond "" --plaintext ERR unknown login ERR unknown login ERR unknown login ERR unknown login ERR unknown login Wt do u think ?? Mysql issue ? -Original Message- From: Amos Jeffries [mailto:squ...@treenet.co.nz] Sent: Tuesday, February 10, 2015 12:42 PM To: Ahm

Re: [squid-users] squid authentication to remote sql server

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 As I think, this is around DB. Not squid. :) Just misconfiguration. 11.02.15 2:44, Amos Jeffries пишет: > On 11/02/2015 9:35 a.m., Yuri Voinov wrote: >> Wow, it just cannot connect with DB?! > > > Maybe, maybe not, maybe its connecting to the localh

Re: [squid-users] squid authentication to remote sql server

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/02/2015 9:35 a.m., Yuri Voinov wrote: > Wow, it just cannot connect with DB?! > Maybe, maybe not, maybe its connecting to the localhost instead of remote (he had a localhost test earlier). I just spotted table names were different too. Amos --

Re: [squid-users] squid authentication to remote sql server

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Heh. Pure SQL database is VERY bad idea to store any security credentials or ACL's. They too easy to hack. 11.02.15 2:32, Amos Jeffries пишет: > On 11/02/2015 7:24 p.m., Ahmad wrote: >> Thank you amos , but I have an issue with connection : Here is my

Re: [squid-users] squid authentication to remote sql server

Replying again because I missed the --table parameter value earlier. On 11/02/2015 7:24 p.m., Ahmad wrote: > Thank you amos , but I have an issue with connection : > mysql> select * from passwd; ===> notice the TABLE NAME. > ++--+-+---+-+

Re: [squid-users] squid authentication to remote sql server

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Wow, it just cannot connect with DB?! 11.02.15 2:32, Amos Jeffries пишет: > On 11/02/2015 7:24 p.m., Ahmad wrote: >> Thank you amos , but I have an issue with connection : Here is my >> mysql info : grant select on squid.* to 'squid'@'%' >> i

Re: [squid-users] squid authentication to remote sql server

On 11/02/2015 7:24 p.m., Ahmad wrote: > Thank you amos , but I have an issue with connection : > Here is my mysql info : > > grant select on squid.* to 'squid'@'%' identified by 'squid'; > = > mysql> show databases; > ++ > | Database | > +-

Re: [squid-users] squid authentication to remote sql server

' > '--enable-cache-digests' '--enable-underscores' > '--enable-icap-client' '--enable-follow-x-forwarded-for' > '--enable-auth' > '--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SASL,SMB,YP,DB,POP3,getpwnam,squid_radius_auth,multi-domain-NTLM' > '--e

Re: [squid-users] squid authentication to remote sql server

enable-ntlm-auth-helpers=smb_lm' '--enable-digest-auth-helpers=ldap,password' '--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-esi' '--disable-translation' '--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid.pid&#x

Re: [squid-users] squid authentication to remote sql server

On 10/02/2015 5:01 p.m., Ahmad wrote: > Hi , > > I followed the article in : > > http://wiki.squid-cache.org/ConfigExamples/Authenticate/Mysql > > > > > > I need to connect squid to external sql server , what do I need to modify > in the helper command ? > > > > I think that the co

[squid-users] squid authentication to remote sql server

Hi , I followed the article in : http://wiki.squid-cache.org/ConfigExamples/Authenticate/Mysql I need to connect squid to external sql server , what do I need to modify in the helper command ? I think that the command below : ""auth_param basic program /usr/local/squid/libexec/squ

Re: [squid-users] Squid Authentication

gt; 02.02.2015 20:47, Rafael Akchurin пишет: > > Eldar will send soon as we finish some initial testing. > > Raf > > > > > > > > From: Amos Jeffries > > Sent: Monday, February 2, 2015 3:32 PM > > To: Rafael Akch

Re: [squid-users] Squid Authentication

esting. > Raf > > > > From: Amos Jeffries > Sent: Monday, February 2, 2015 3:32 PM > To: Rafael Akchurin; squid-users@lists.squid-cache.org > Subject: Re: [squid-users] Squid Authentication > > On 3/02/2015 3:04 a.m., Rafael Akchurin wrote: >> Hello Amos, >> >

Re: [squid-users] Squid Authentication

Eldar will send soon as we finish some initial testing. Raf From: Amos Jeffries Sent: Monday, February 2, 2015 3:32 PM To: Rafael Akchurin; squid-users@lists.squid-cache.org Subject: Re: [squid-users] Squid Authentication On 3/02/2015 3:04 a.m., Rafael

Re: [squid-users] Squid Authentication

On 3/02/2015 3:04 a.m., Rafael Akchurin wrote: > Hello Amos, > > We will soon be able to have latest 3.5 built for Cygwin x64 (hopefully). > Yay! Are there any patches I can merge that will help minimize the tracking work for future releases? Amos > Rafael > > ___

Re: [squid-users] Squid Authentication

Hello Amos, We will soon be able to have latest 3.5 built for Cygwin x64 (hopefully). Rafael From: squid-users on behalf of Amos Jeffries Sent: Monday, February 2, 2015 10:54 AM To: squid-users@lists.squid-cache.org Subject: Re: [squid-users] Squid

Re: [squid-users] Squid Authentication

On 2/02/2015 5:27 p.m., Raju M K wrote: > Need squid Authentication syntax for local users in Windows 7/8 workgroup > Presently using squid 2.7 stable 8 2.7 was end-of-lifed *5 years ago*. Please upgrade. http://www.squid-cache.org/Versions/ PS. I know we dont have a native windows version availa

Re: [squid-users] Squid Authentication

Hey Raju, For how many users? Eliezer On 02/02/2015 06:27, Raju M K wrote: Need squid Authentication syntax for local users in Windows 7/8 workgroup Presently using squid 2.7 stable 8 -- Regards, M K Raju. ___ squid-users mailing list squid-users@

Re: [squid-users] Squid Authentication

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 http://wiki.squid-cache.org/ConfigExamples#Authentication 02.02.2015 10:27, Raju M K пишет: > Need squid Authentication syntax for local users in Windows 7/8 workgroup > Presently using squid 2.7 stable 8 > -- > Regards, > M K Raju. > > > >

[squid-users] Squid Authentication

Need squid Authentication syntax for local users in Windows 7/8 workgroup Presently using squid 2.7 stable 8 -- Regards, M K Raju. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users