[squid-users] Help Request: How to deal with Basic Authentication
Amos Jeffries
squid3 at treenet.co.nz
Thu Sep 17 10:34:06 UTC 2020
On 17/09/20 5:22 pm, Wind Lee wrote:
> Hi all,
>
> I'm trying to set up a http(s) proxy with Basic Authentication, for now
> it works fine without auth, but as long as I add those auth part, it
> keeps rejecting auth request from client side, such as keeps requesting
> username and password on google chrome.
>
What do the Squid logs say is going on?
> I've checked the /usr/lib64/squid/basic_ncsa_auth /PATH/TO/PASSWD_FILE
> in console, and it returns OK when I type correct username/password.
>
> Distribution is CentOS 7, squid version is 4.9
>
Please upgrade to 4.13.
> I really don't know what to do next, here's the configuration:
>
> https://paste.ubuntu.com/p/SXf6tN8cCg/
>
I see Squid being told to accept valid credentials. What about missing
ones? invalid ones? garbage credentials?
Best practice for auth is to deny all non-valid credentials before
accepting.
http_access deny !auth
http_access allow localnet
Amos
More information about the squid-users
mailing list