In my this blog post i am explaining about to put authentication in squid proxy server. Each user will have to give a valid username and password in order to use the proxy server.
We will configure authentication using the NCSA module.
(Note: We have got squid server already configured and running. Please read How to configure squid server step by step )
Step I: Create a NCSA password file using to store usernames and password for basic authentication.
[root@sashwat ~] # touch /etc/squid/password
/etc/squid/password is blank file, you can change its name and location as per you need.
Step II: We can add users using htpasswd command:
[root@sashwat ~] # htpasswd /etc/squid/password ravi
New password:
Re-type new password:
Adding password for user ravi
[root@sashwat ~] #
/etc/squid/password will now have the authentication details for user ravi, similarly we can add more users in same file.
Step III: Now open the squid configuration file /etc/squid/squid.conf and insert or modify these lines (on top of every line i have written a comment stating what it does, if you don't, do not write them):
[root@sashwat ~] # vi /etc/squid/squid.conf
# This line defines the file holding the authentication details and also the program to check those details
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/password
# Define the maximum number of child process to spawn for authentication
auth_param basic children 5
# User will see this message "Squid proxy-caching web server" in authentication box
auth_param basic realm Squid proxy-caching web server
# Time to live after a successful authentication
auth_param basic credentialsttl 2 hours
# To make username case insensitive
auth_param basic casesensitive off
Step IV: Now, add the following ACL in the same file in acl section and also allow the ACL:
# This rule will add and allow all the users having a successful authentication
acl valid_users proxy_auth REQUIRED
http_access allow valid_users
Save and exit the file
Step V: Restart the Squid Service
[root@sashwat ~] # service squid restart
That's it, Now configure your browser to use this proxy and try to open any webpage, The authentication box will pop up.
For any query please feel free to contact me my email id is sashwatkatore@gmail.com.
We will configure authentication using the NCSA module.
(Note: We have got squid server already configured and running. Please read How to configure squid server step by step )
Step I: Create a NCSA password file using to store usernames and password for basic authentication.
[root@sashwat ~] # touch /etc/squid/password
/etc/squid/password is blank file, you can change its name and location as per you need.
Step II: We can add users using htpasswd command:
[root@sashwat ~] # htpasswd /etc/squid/password ravi
New password:
Re-type new password:
Adding password for user ravi
[root@sashwat ~] #
/etc/squid/password will now have the authentication details for user ravi, similarly we can add more users in same file.
Step III: Now open the squid configuration file /etc/squid/squid.conf and insert or modify these lines (on top of every line i have written a comment stating what it does, if you don't, do not write them):
[root@sashwat ~] # vi /etc/squid/squid.conf
# This line defines the file holding the authentication details and also the program to check those details
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/password
# Define the maximum number of child process to spawn for authentication
auth_param basic children 5
# User will see this message "Squid proxy-caching web server" in authentication box
auth_param basic realm Squid proxy-caching web server
# Time to live after a successful authentication
auth_param basic credentialsttl 2 hours
# To make username case insensitive
auth_param basic casesensitive off
Step IV: Now, add the following ACL in the same file in acl section and also allow the ACL:
# This rule will add and allow all the users having a successful authentication
acl valid_users proxy_auth REQUIRED
http_access allow valid_users
Save and exit the file
Step V: Restart the Squid Service
[root@sashwat ~] # service squid restart
That's it, Now configure your browser to use this proxy and try to open any webpage, The authentication box will pop up.
For any query please feel free to contact me my email id is sashwatkatore@gmail.com.
No comments:
Post a Comment