LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 04-18-2006, 02:32 PM   #1
EECore
LQ Newbie
 
Registered: Jul 2005
Distribution: Debian, NetBSD
Posts: 9

Rep: Reputation: 0
Squid Authentication Problems (Using PAM)


Goodmorning/evening/afternoon.

I have recently been trying to get a transparent squid proxy working with authentication and have not had much luck so far.

I am new to squid but I have spent the last 8 hours or so reading documentation and tutorials on how-to get squid functioning properly. I have compiled my own squid.conf using both the bundled squid.conf.default configuration file and the squid documentation located at the following URL: http://squid-docs.sourceforge.net/latest/book-full.html

So far I haven't had much luck, the squid daemon will start correctly but when I try to access any websites outside of my local network, I am not asked for any credentials and I am greeted with an "Access Denied" page bearing the following text:

Code:
"Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect."
I have gone over my config file and have been searching arround the web for solutions for hours on end, it is now 5am and I am about ready to pack it in. I have decided to ask here as a last resort as hopefully someone will be able to shead some light on the subject

I am using Squid 2.5Stable6 built with support for authentication and PAM as an authentication helper, my squid.conf is attached below.

squid.conf:
Code:
http_port 3128

dns_timeout 1 minutes

cache_mgr admin@nemo.sass-office.local

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

acl all src 0.0.0.0/0.0.0.0
acl PURGE method purge
acl CONNECT method connect
acl SafePorts port 21 22 25 110 443 563 6881-6889
acl BadPorts port 6346 6347 4662 4672 6699 6257

auth_param basic program /usr/lib/squid/pam_auth
auth_param basic realm SASS Login
auth_param basic children 5
auth_param basic credentialsttl 2 hour
acl ProxyLogin proxy_auth REQUIRED

http_access allow ProxyLogin
http_access allow SafePorts
http_access deny BadPorts
http_access deny CONNECT

http_access deny all

Thankyou for your time.
-----------------------
Peter
 
Old 04-19-2006, 07:05 AM   #2
paul_mat
Member
 
Registered: Nov 2004
Location: Townsville, Australia
Distribution: Fedora Core 5, CentOS 4, RHEL 4
Posts: 855

Rep: Reputation: 30
have you done.

chmod u+s /usr/lib/squid/pam_auth

look in the log files /var/log/squid

check out my website listed below, search for pam and have a look at the how-to for squid and pam
 
Old 04-19-2006, 07:41 AM   #3
EECore
LQ Newbie
 
Registered: Jul 2005
Distribution: Debian, NetBSD
Posts: 9

Original Poster
Rep: Reputation: 0
Thankyou for your suggestions. Unfortunatly, I have given up on PAM and decided to use ncsa_auth instead, it has been working with no major dramas for the last few hours.

Thankyou anyway
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid With PAM authentication paul_mat Linux - Networking 2 03-15-2011 12:47 PM
VNC with PAM authentication? make Linux - Software 2 06-07-2005 02:45 AM
Squid PAM authentication and LDAP redmat Linux - Newbie 1 09-03-2004 07:22 PM
PAM authentication failed schatoor Linux - Software 0 02-18-2004 02:26 PM
How does PAM Authentication Work? ejennings_98 Linux - Security 1 10-31-2003 02:29 PM


All times are GMT -5. The time now is 04:28 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration