[squid-users] Help Request: How to deal with Basic Authentication

Amos Jeffries squid3 at treenet.co.nz
Thu Sep 17 10:34:06 UTC 2020

On 17/09/20 5:22 pm, Wind Lee wrote:
> Hi all,
> I'm trying to set up a http(s) proxy with Basic Authentication, for now
> it works fine without auth, but as long as I add those auth part, it
> keeps rejecting auth request from client side, such as keeps requesting
> username and password on google chrome.

What do the Squid logs say is going on?

> I've checked the /usr/lib64/squid/basic_ncsa_auth /PATH/TO/PASSWD_FILE
> in console, and it returns OK when I type correct username/password.
> Distribution is CentOS 7, squid version is 4.9

Please upgrade to 4.13.

> I really don't know what to do next, here's the configuration:
> https://paste.ubuntu.com/p/SXf6tN8cCg/

I see Squid being told to accept valid credentials. What about missing
ones? invalid ones? garbage credentials?

Best practice for auth is to deny all non-valid credentials before

  http_access deny !auth
  http_access allow localnet


More information about the squid-users mailing list