End Result: A proxy server performing web-cache with user authentication.
Scenario:
Proxy Server: linuxbox5 (192.168.0.15)
Proxy Server Port: 8080
Internal Network: 192.168.0.0/24
Alowed Users: u1 and u2
Step 1:
Perform al steps given above under the heading “Simple Web-cache Setup with Squid”. And do the
additional steps given below.
Step 2:
Create squid password file and add users in it.
# touch /etc/squid/squidpasswd
# htpasswd /etc/squid/squidpasswd u1
# htpasswd /etc/squid/squidpasswd u2
Step 3:
Add folowing lines under “auth_param” section in squid.conf file.
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squidpasswd
auth_param basic children 15
Here:
auth_param: This parameter tels proxy to require authentication from clients.
basic: This is authentication type. Username and Passwords travel in clear text over the network.
program /usr/lib/squid/ncsa_auth:
Use this program to authenticate users. ncsa_auth only supports basic auth type.
/etc/squid/squidpasswd:
User name and passwords wil be kept in this file. We have to create this file and add users in it
by htpasswd command
auth_param basic children 15:
Start 15 authentication processes if 16 users logs in at the same time the last user wil have to
wait until a authentication programs becomes available.
Add folowing ACL lines
acl authchk proxy_auth REQUIRED
htp_access alow authchk
Above these lines
acl internal src 192.168.0.0/255.255.255.0
htp_access alow internal
Step 4:
Save and exit and restart squid service.
# service squid restart
No comments:
Post a Comment