hi every one, i installed squid on rhel6 working perfect with all restcricted sites authentication, the problem is one of my Director asked me that he hates the authentication process, so please remove and allow internet directly. Can any one of you help me how to by pass authentication only for that particular IP address

Thank you in advance.

Hi,

You should create an additional acl for your Director's IP:
(where x.x.x.x is the IP in question) and add a http_access allow before the one used for authenticating users, e.g.
Regards

bathory, thank you very much for your reply, im sorry to inform you that i did the same as you written, but its still asking the password. Please tel me if you know any other method. My requirement is proxy shouldn't ask authentication for that ip, when my director from that IP type www.google.com and hit enter it directly show google web page without asking username and password, but for other systems and other users it should ask for authentication.

thank you very much.

0 members found this post helpful.

I guess you're reloading squid after making changes in squid.conf.
Could you post squid.conf? Also check the squid access.log to make sure that your director is actually uses that IP

hi bathory

As i cant post the squid.conf and log from my server, i'm posting my own testing servers conf. Please check it


#########
auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm GIL proxy server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
http_port 8000
acl valid_users proxy_auth REQUIRED
acl subbu proxy_auth subbu
acl director src 192.168.85.55
acl authenticated proxy_auth REQUIRED
http_access deny !valid_users
http_access allow director
http_access allow authenticated
http_access allow all
http_access deny all
######

0 members found this post helpful.

Hi,

What is the subbu acl for user subbu. If it's for your director, you don't need that.
Anyway, you can put the "http_access allow director" before any other "http_access ..." directive, so that it's first evaluated and so your director is allowed access without providing username/password:

1 members found this post helpful.

hi, bathory you are really awesome. Thank you very much, Funny thing is i been using exactly the same acl, directives for a long time. but as you said "httP_acceess allow director" should be used only before any "http_access" directive. i always used to keep "http_access allow director" after few "http_access....." directives. Now it's working two birds for one shot... didn't get it, i used the same trick to alway_direct.

Hilight is the reall stuff educated me rather than giving blind instuctions.

thank you very much can i ask you help. Can you send me request for me on facebook. my id SUBBARAOGANESHNA

Glad to see it worked. You may mark the thread SOLVED
Sorry but I don't use facebook.

Cheers

ha ha you are kidding i don't annoy you, at least give me your mail id. I just want to get in touch, i post my only on LQ not on your personal mail.

thank you.

You can use LQ to send me an email, if you want

Regards

ha ha understood, k thank you very much. have a nice time.