?
Solved

Squid Authentication

Posted on 2016-10-24
7
Medium Priority
?
108 Views
Last Modified: 2016-10-25
Can someone provide a sample SQUID config file for WINDOWS that allows LOCAL WINDOWS USERS to access Squid if they are authenticated?
0
Comment
Question by:albatros99
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 62

Expert Comment

by:gheist
ID: 41856880
0
 
LVL 27

Expert Comment

by:skullnobrains
ID: 41857024
i'm assuming you expect domain users to be able to use squid while being automagically authenticated on the squid without retyping their passords

http://wiki.squid-cache.org/ConfigExamples/Authenticate/WindowsActiveDirectory

the above lets you integrate squid with your ad and use kerberos SSO. it only will work with internet explorer though.

--

if you post some more details, there might be a simpler solution. don't you have a dedicated safe network range in which you can assume all users are authenticated one way or another ?
0
 
LVL 3

Author Comment

by:albatros99
ID: 41857051
I'm not planning to use Active Directory. This is a single system and I want to create a couple of local accounts only. Single sign-on is not required. Basically, users should be prompted for name / password and these credentials should be checked against a local username database. I'm thinking they could be local Windows users but I'm just as fine using some proprietary local user database. Squid runds on Windows. If someone has already done this, can they please post the sample squid.conf file.
0
Get MySQL database support online, now!

At Percona’s web store you can order your MySQL database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card.

 
LVL 27

Expert Comment

by:skullnobrains
ID: 41857069
i do not think squid can natively use windows auth but you can use an auth plugin that will logon locally. other than that squid can use a crazy number of backends including sql, ldap htpassword files...

than i don't see the point, or there is something i'm not understanding properly. if the squid is installed locally and listens on the loopback ip, this should be good enough.

what are you actually trying to achieve ?
if you expect to deny internet access to some users, there are much more efficient solutions and this one will be a breeze to bypass for any reasonably competent user.
0
 
LVL 3

Author Comment

by:albatros99
ID: 41857079
I think the easiest one I looked at was htpassword. It's a central proxy for a very limited number of users. The proxy has a public IP and clients can be on any network. I want to limit the use of the proxy using auth. because I cannot use IP in this case. If someone has a finalized config for htpassword, can you kindly post it.
0
 
LVL 27

Accepted Solution

by:
skullnobrains earned 2000 total points
ID: 41857124
0
 
LVL 3

Author Closing Comment

by:albatros99
ID: 41858338
Worked after some trial and error with NCSA config
0

Featured Post

Get MongoDB database support online, now!

At Percona’s web store you can order your MongoDB database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card. Handle your MongoDB database support now!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Suggested Courses
Course of the Month9 days, 15 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question