LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 02-02-2007, 06:31 AM   #1
man_linux
LQ Newbie
 
Registered: Aug 2006
Posts: 19

Rep: Reputation: 0
Squid authentication problem


Hi,

I have this problem with squid..... plz help me in this

I am trying to do proxy behind proxy.

user --> local proxy (problem) --> parent cache proxy --> internet.

The proxy I am tring to setup locally is forwarding requests to parent cache, to which direct access from client is not allowed. This parent cache is doing ldap authentication with AD.

When I setup local proxy, it was working properly but suddenly stopped working.
Now I am getting error
----------------------------
Cache Access Denied.

Sorry, you are not currently allowed to request:

http://www.google.com/
from this cache until you have authenticated yourself.
----------------------------

My current squid conf file -

http_port 8080
acl all src 0.0.0.0/0.0.0.0
http_access allow all
cache_peer 10.20.12.30 parent 8080 0 no-query proxy-only login=PASS
cache_peer_access 10.20.12.30 allow all
login=PASS
never_direct allow all

---------------------------------------------

I am passing user domain credintials to parents proxy, still it is saying access denied.
what is the problem here, any thing missing in config? do I need to authenticate my local proxy with parent instead of authenticating client? and how do I do that?

Thanks in advance.
 
Old 02-06-2007, 12:19 AM   #2
robert.r
LQ Newbie
 
Registered: Feb 2007
Posts: 2

Rep: Reputation: 0
Squid authentication problem

Sorry, but squid will not pass the NTLM credentials to the upstream by default.

There is an NTLM module for squid but I'm not sure if it will pass the credentials. It is probably just for plain authentication. You may check the website for more info:
devel.squid-cache.org/ntlm/squid_helper_protocol.html

My suggestion is to have first(downstream) proxy perform the authentication.

HTH
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid + ncsa Users Authentication problem shamshadalam Linux - Enterprise 0 04-23-2006 10:27 AM
SQUID authentication jhp Linux - Software 2 06-14-2005 10:39 AM
squid without authentication paul_mat Linux - Networking 2 03-20-2005 11:02 PM
Squid authentication gubak Linux - Networking 10 08-13-2004 08:31 AM
Squid Authentication problem using ncsa_auth alexjordan02 Linux - Software 0 01-28-2004 09:53 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:53 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration