• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 131
  • Last Modified:

Squid Authentication

Can someone provide a sample SQUID config file for WINDOWS that allows LOCAL WINDOWS USERS to access Squid if they are authenticated?
0
albatros99
Asked:
albatros99
  • 3
  • 3
1 Solution
 
gheistCommented:
0
 
skullnobrainsCommented:
i'm assuming you expect domain users to be able to use squid while being automagically authenticated on the squid without retyping their passords

http://wiki.squid-cache.org/ConfigExamples/Authenticate/WindowsActiveDirectory

the above lets you integrate squid with your ad and use kerberos SSO. it only will work with internet explorer though.

--

if you post some more details, there might be a simpler solution. don't you have a dedicated safe network range in which you can assume all users are authenticated one way or another ?
0
 
albatros99Author Commented:
I'm not planning to use Active Directory. This is a single system and I want to create a couple of local accounts only. Single sign-on is not required. Basically, users should be prompted for name / password and these credentials should be checked against a local username database. I'm thinking they could be local Windows users but I'm just as fine using some proprietary local user database. Squid runds on Windows. If someone has already done this, can they please post the sample squid.conf file.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
skullnobrainsCommented:
i do not think squid can natively use windows auth but you can use an auth plugin that will logon locally. other than that squid can use a crazy number of backends including sql, ldap htpassword files...

than i don't see the point, or there is something i'm not understanding properly. if the squid is installed locally and listens on the loopback ip, this should be good enough.

what are you actually trying to achieve ?
if you expect to deny internet access to some users, there are much more efficient solutions and this one will be a breeze to bypass for any reasonably competent user.
0
 
albatros99Author Commented:
I think the easiest one I looked at was htpassword. It's a central proxy for a very limited number of users. The proxy has a public IP and clients can be on any network. I want to limit the use of the proxy using auth. because I cannot use IP in this case. If someone has a finalized config for htpassword, can you kindly post it.
0
 
skullnobrainsCommented:
0
 
albatros99Author Commented:
Worked after some trial and error with NCSA config
0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now