AWESOME it is working mostly flawlessly!!
I notice that the whitelist file (/etc/squid3/whitelist1.sites) doesn't take
comments or duplications or reduntant info. Like .ftp.debian.org when there
is already a .debian.org. It errors and don't work. But once I got over that
it seems to be working nicely. As long as you surf the white list you aren't
prompted for a password. But if you go off white list you are!!
Is it possible to direct browsers that fail to authenticate to a website? I
could direct them to the internal web server with instructions on how to get
valid credentials.
Here is my current squid.conf file...
http_port 3128
#cache_mem 512 MB # May need to set lower if I run low on RAM
redirect_rewrites_host_header off
cache_replacement_policy lru
auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm blocker
auth_param basic credentialsttl 12 hours
auth_param basic casesensitive off
acl whitelist dstdomain "/etc/squid3/whitelist1.sites"
acl ncsa_users proxy_auth REQUIRED
acl localnet src 192.168.0.0/255.255.0.0
acl localhost src 127.0.0.1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/8
acl Safe_ports port 80 81 443 210 119 70 21 1025-65535
acl SSL_Ports port 443
acl CONNECT method CONNECT
acl AUTH_users proxy_auth ant2ne xbox mandi
http_access deny !Safe_ports
http_access deny CONNECT !SSL_Ports
http_access allow whitelist
http_access allow ncsa_users
http_access allow AUTH_users
http_access allow localnet
http_access allow localhost
http_access deny all
icp_port 0
refresh_pattern \.jpg$ 3600 50% 60
refresh_pattern \.gif$ 3600 50% 60
refresh_pattern \.css$ 3600 50% 60
refresh_pattern \.js$ 3600 50% 60
refresh_pattern \.html$ 300 50% 10
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
visible_hostname BLOCKER
-- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/authentication-problems-tp3072735p3080682.html Sent from the Squid - Users mailing list archive at Nabble.com.Received on Thu Dec 09 2010 - 18:16:30 MST
This archive was generated by hypermail 2.2.0 : Fri Dec 10 2010 - 12:00:01 MST