# Configure Basic authentication with radius as backend # (see Related Software) auth_param basic program /path/to/squid_rad_auth ... [... is options as per the squid_rad_auth documentation] [other auth_param basic directives as per squid.conf.default]
# Require users to log in acl login proxy_auth REQUIRED http_access deny !login As and alternative to squid_rad_auth you can use the PAM authenticator shipped with Squid, but this assumes you are familiar with how to configure the PAM radius client.. Regards Henrik James Ambursley wrote: > > radius > > -----Original Message----- > From: Henrik Nordstrom [mailto:[EMAIL PROTECTED] > Sent: Tuesday, March 25, 2003 3:18 PM > To: James Ambursley > Subject: RE: sample squid.conf > > What password source are you trying to connect to? (NCSA / LDAP / > Windows Domain / Radius / UNIX(PAM) / ...) > > Which authentication scheme? (Basic / NTLM / Digest? If unsure Basic..) > > Which Squid version? > > Regards > Henrik > > tis 2003-03-25 klockan 19.37 skrev James Ambursley: > > i am trying to create a working squid.conf which shows authentication. I have > > tried with various parameters and have not been successful. > > > > > > -----Original Message----- > > From: Henrik Nordstrom [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, March 25, 2003 11:55 AM > > To: James Ambursley > > Subject: RE: sample squid.conf > > > > > > What for? > > > > > > tis 2003-03-25 klockan 16.01 skrev James Ambursley: > > > Could you send me a sample squid.conf file, please. > > > > > > > > > -----Original Message----- > > > From: Henrik Nordstrom [mailto:[EMAIL PROTECTED] > > > Sent: Tuesday, March 25, 2003 2:59 AM > > > To: Ken Thomson > > > Cc: [EMAIL PROTECTED] > > > Subject: Re: [squid-users] NTLM Authentication using the SMB helper - > > > need help with access log problems > > > > > > > > > Ken Thomson wrote: > > > > > > > The server operates fine, and the authentication works as > > > > expected. My problem lies with the access.log file. > > > > Every request from a client is first denied and then > > > > accepted after being authenticated. This happens to > > > > *EVERY* request. > > > > > > Yes, this is because of how NTLM authentication works. > > > > > > On each new TCP connection from the browser the following happens > > > > > > 1a. Browser sends request without authentication > > > 1b. Rejected by Squid as there is no authentication, squid proposing to > > > use NTLM > > > 2a. Browser sends request with a NTLM NEGOTIATE packet embedded in the > > > headers > > > 2b. Rejected by Squid with a NTLM CHALLENGE packet embedded in the > > > headers > > > 3a. Browser sends request with a NTLM AUTHENTICATE packet embedded in > > > the headers > > > 3b. Connection accepted by Squid if the authentication is successful. > > > This request and any future requests on the same TCP connection is > > > forwarded. > > > > > > All responses by Squid is logged. > > > > > > If this disturbs your log statistics then filter out TCP_DENIED/407 > > > lines with no username before processing the logs. > > > > > > Regards > > > Henrik > -- > Henrik Nordstrom <[EMAIL PROTECTED]> > MARA Systems AB, Sweden
