[squid-users] Unable to access a device over port 4434
Amos Jeffries
squid3 at treenet.co.nz
Tue Oct 22 16:10:35 UTC 2024
On 23/10/24 01:34, Piana, Josh wrote:
> Amos,
>
> Thank you for the update in regards to the credentials.
>
> I looked into it a bit more to and it helped clear my misunderstanding.
>
> The credentialstls configuration directive only controls how often these credentials are internally verified by Squid. It means that if the browser is closed and then opened and the browser pops up credential dialog, then it has nothing to do with Squid. It means that the browser does not know what credentials it should pass to the proxy and therefore asks to enter them. The credentialsttl configuration directive means, how often the password should be "verified" after the last successful verification.
Correct.
>
> I reviewed my authentication config and changed it.
>
> Is this correct? We have a this setup via realmD, sssd, using Kerberos authentication.
>
> auth_param basic program /usr/lib64/squid/basic_pam_auth
>
> auth_param basic children 10
>
> auth_param basic keep_alive on
Per the docs "For Basic and Digest this parameter is ignored."
>
> auth_param basic credentialsttl 2 hours
>
> auth_param basic realm <redacted>
>
If that works for your needs it is good.
HTH
Amos
More information about the squid-users
mailing list