Re: [squid-users] Authentication

From: Sketch <sketchster@dont-contact.us>
Date: Tue, 20 Jun 2006 07:48:55 -0400

On 6/19/06, Henrik Nordstrom <henrik@henriknordstrom.net> wrote:
> mån 2006-06-19 klockan 15:21 -0400 skrev Sketch:
>
> > Is it really that complicated to get basic HTTP Authentication setup in squid?
>
> Not at all.
>
> You need
> a) A password database of some kind
> b) The proper helper to connect to that password database (ncsa_auth if
> using Apache htpasswd files)
> c) About 3 lines in squid.conf making use of the authentication, one
> auth_param line to specify the helper and password database, and one acl
> defining what users are valid, and one http_access rule limiting access
> to authenticated users only..

Basically I have a .htaccess and .htpasswd, I don't want to be adding
user manually to the squid configuration everytime a user is added.
Also, the protected directories are dynamic, so I cannot define them
within the squid conf, it's solely dependent on the .htaccess files...

> > Can I just have the Authorization header passed directly to the origin server?
>
> Normally done by default.

So is it safe to assume that as long as the Authorization string is
passed by using login=PASS on the cache_peer entry, authentication
should work without the external helper (ncsa_auth)?

> Is this a reverse-proxy setup using cache_peer for request forwarding (I
> assume so as you mention the rproxy patch)? If so see the login=
> parameter to cache_peer.

Yes, reverse with cache_peers.
Received on Tue Jun 20 2006 - 05:48:56 MDT

This archive was generated by hypermail pre-2.1.9 : Sat Jul 01 2006 - 12:00:02 MDT