[squid-users] Problem with squid proxy authentication configuration

Amiq Nahas m992493 at gmail.com
Wed Jun 10 09:26:22 UTC 2020 

Hi Guys,

I am trying to configure squid so as to have user proxy
authentication, below is how my squid.conf file looks like:

-----
acl SSL_ports port 443
acl Safe_ports port 80        # http
acl Safe_ports port 21        # ftp
acl Safe_ports port 443        # https
acl Safe_ports port 70        # gopher
acl Safe_ports port 210        # wais
acl Safe_ports port 1025-65535    # unregistered ports
acl Safe_ports port 280        # http-mgmt
acl Safe_ports port 488        # gss-http
acl Safe_ports port 591        # filemaker
acl Safe_ports port 777        # multiling http
acl CONNECT method CONNECT

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localhost
http_access deny all
http_port 3128
coredump_dir /var/spool/squid

refresh_pattern ^ftp:        1440    20%    10080
refresh_pattern ^gopher:    1440    0%    1440
refresh_pattern -i (/cgi-bin/|\?) 0    0%    0
refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
refresh_pattern .        0    20%    4320
-----

The above lines were default in squid.conf file.

I have added below lines:

-----
icap_enable on
icap_send_client_ip on
icap_send_client_username on
icap_client_username_header X-Authenticated-User
icap_preview_enable on
icap_preview_size 1024

icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/echo
adaptation_access service_req allow all

icap_service service_resp respmod_precache bypass=0 icap://127.0.0.1:1344/echo
adaptation_access service_resp allow all

acl ncsa src 0.0.0.0/0.0.0.0
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/squid_passwd
auth_param basic realm proxy
acl ncsa proxy_auth REQUIRED
http access allow ncsa
-----

With this in place, I have configured 127.0.0.1:3128 as manual proxy in firefox.

But when I try to connect to internet it displays "The proxy server is
refusing connections"
(https://i.ytimg.com/vi/-LJAxo9TVig/hqdefault.jpg)

Please point out what I am doing wrong?

Thanks
Amiq

More information about the squid-users mailing list