Solved

Squid Authentication

Posted on 2016-10-24
7
60 Views
Last Modified: 2016-10-25
Can someone provide a sample SQUID config file for WINDOWS that allows LOCAL WINDOWS USERS to access Squid if they are authenticated?
0
Comment
Question by:albatros99
  • 3
  • 3
7 Comments
 
LVL 61

Expert Comment

by:gheist
ID: 41856880
0
 
LVL 26

Expert Comment

by:skullnobrains
ID: 41857024
i'm assuming you expect domain users to be able to use squid while being automagically authenticated on the squid without retyping their passords

http://wiki.squid-cache.org/ConfigExamples/Authenticate/WindowsActiveDirectory

the above lets you integrate squid with your ad and use kerberos SSO. it only will work with internet explorer though.

--

if you post some more details, there might be a simpler solution. don't you have a dedicated safe network range in which you can assume all users are authenticated one way or another ?
0
 
LVL 3

Author Comment

by:albatros99
ID: 41857051
I'm not planning to use Active Directory. This is a single system and I want to create a couple of local accounts only. Single sign-on is not required. Basically, users should be prompted for name / password and these credentials should be checked against a local username database. I'm thinking they could be local Windows users but I'm just as fine using some proprietary local user database. Squid runds on Windows. If someone has already done this, can they please post the sample squid.conf file.
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 26

Expert Comment

by:skullnobrains
ID: 41857069
i do not think squid can natively use windows auth but you can use an auth plugin that will logon locally. other than that squid can use a crazy number of backends including sql, ldap htpassword files...

than i don't see the point, or there is something i'm not understanding properly. if the squid is installed locally and listens on the loopback ip, this should be good enough.

what are you actually trying to achieve ?
if you expect to deny internet access to some users, there are much more efficient solutions and this one will be a breeze to bypass for any reasonably competent user.
0
 
LVL 3

Author Comment

by:albatros99
ID: 41857079
I think the easiest one I looked at was htpassword. It's a central proxy for a very limited number of users. The proxy has a public IP and clients can be on any network. I want to limit the use of the proxy using auth. because I cannot use IP in this case. If someone has a finalized config for htpassword, can you kindly post it.
0
 
LVL 26

Accepted Solution

by:
skullnobrains earned 500 total points
ID: 41857124
0
 
LVL 3

Author Closing Comment

by:albatros99
ID: 41858338
Worked after some trial and error with NCSA config
0

Featured Post

Give your grad a cloud of their own!

With up to 8TB of storage, give your favorite graduate their own personal cloud to centralize all their photos, videos and music in one safe place. They can save, sync and share all their stuff, and automatic photo backup helps free up space on their smartphone and tablet.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is the error message I got (CODE) Error caused by incompatible libmp3lame 3.98-2 with ffmpeg I've googled this error message and found out sometimes it attaches this note "can be treated with downgrade libmp3lame to version 3.97 or 3.98" …
rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now