[squid-users] login expired
Ignazio Raia
ignazio.raia at eutelia.com
Sat Feb 7 06:32:28 UTC 2015
Good morning Amos,
here is my squid.conf, basic_db_auth script and the shell test.
thanks a lot for your interesting and help.
TEST MADE FROM VIA ssh CONNECTION TO MY LAMP & SQUID SERVER (ssh
ignazio at 192.168.2.1)
$ sudo /usr/lib/squid3/basic_db_auth --user root --password rootpasswd --md5
--cond "1" --persis
ignazio 12345678 (wrong password)
ERR login failure
ignazio mypassword (right password)
OK
# MY SQUID.CONF
# OPTIONS FOR AUTHENTICATION
auth_param basic program /usr/lib/squid3/basic_db_auth --user root
--password rootpasswd -md5 --cond "1" --persis
#auth_param basic program /usr/lib/squid3/basic_ncsa_auth
/etc/squid3/squid.pass
auth_param basic children 5
auth_param basic realm Squid Proxy Web Server
auth_param basic credentialsttl 60 seconds
#authenticate_cache_garbage_interval 1 hour
#authenticate_ttl 60 seconds
# MY ACCESS CONTROLS
#
-----------------------------------------------------------------------------
acl localnet src 192.168.2.0/24 #my localnet
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl password proxy_auth REQUIRED
# TAG: MY http_access
http_access deny !password
http_access deny !Safe_ports
http_access allow localhost manager
http_access deny CONNECT !SSL_ports
http_access deny manager
http_access allow localnet
http_access allow localhost
http_access deny all
# NETWORK OPTIONS
http_port 8888
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
# example lin deb packages
#refresh_pattern (\.deb|\.udeb)$ 129600 100% 129600
refresh_pattern . 0 20% 4320
# HTTPD-ACCELERATOR OPTIONS
#
-----------------------------------------------------------------------------
visible_hostname ubuntu-server
# DNS OPTIONS
#
-----------------------------------------------------------------------------
dns_nameservers 62.94.0.41
#basic_db_auth script
#!/usr/bin/perl
use strict;
use DBI;
use Getopt::Long;
use Pod::Usage;
use Digest::MD5 qw(md5 md5_hex md5_base64);
$|=1;
=pod
=head1 NAME
basic_db_auth - Database auth helper for Squid
=cut
my $dsn = "DBI:mysql:database=squid";
my $db_user = "root";
my $db_passwd = "rootpasswd";
my $db_table = "passwd";
my $db_usercol = "user";
my $db_passwdcol = "password";
my $db_cond = "enabled = 1";
my $plaintext = 0;
my $md5 = 0;
my $persist = 0;
my $isjoomla = 0;
my $debug = 0;
my $hashsalt = undef;
etc etc
--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/login-expired-tp4669574p4669607.html
Sent from the Squid - Users mailing list archive at Nabble.com.
More information about the squid-users
mailing list