-   Linux - Server (
-   -   Seamless proxy authentication using Squid (

antomac 10-24-2007 07:30 AM

Seamless proxy authentication using Squid
Hey All,

Im a relativly new to linux as I've only been using ubuntu for about 2 and a half months now. so apologies if this has been asked before.

I have an ubuntu server with apache 2.2.6 compiled, and running on the box. I also have squid 2.6, complied and running fine. a few days ago thanks to browsing many many forms I've also figured out how to get my squid proxy server to authenticate Via LDAP so when a user opens a web browser they have to type there LDAP logon details to use the interweb.

I've been asked by the powers that be, can we now make the proxy server seemless. If a user opens a web browser it will still use their LDAP logon details to authentication but with no users intervention at all.

IE. from the users perspective they open a web brower and vola there on the web. but in the background they open the browser and the squid proxy authenticates them against their LDAP details.

I've tried using the old google machine the closest thing I've come up with was a website getting using perl scripts to authenticate against LDAP but it was for novell (i'll provide the URL in my next post)

havent really come up with much sofar. I've also had a look on the forms here but couldnt find anything thusfar.

I'd be really really greatful for any help
Thanks a mill

antomac 10-24-2007 07:31 AM

This is the closest thing i could find to getting squid to authenticate automatically:

but it does really seem to make sense to me.

joshp.23 10-30-2015 05:40 PM

Old but relevant
I realize that this is really old, but there are no answers here.

I just wrote a post on how to set up Squid with seamless auth using basic_ncsa_auth and htpasswd. I know that this post asks for an LDAP solution, but it's always nice to have alternatives, especially when they are so easy to set up. I hope this comes in handy.

Here's the full post.
and here's a quick link to making the auth seamless.

Essentially you just set up a user name and password combination for regular users, and for the ip address you want to ignore login requirements for, you set up an acl and add that ip adress to an ip_log file that the acl refers to. You then grant full access based on that acl using http_access in squid.conf.

You can also set this up to work on a dynamic IP address.

Happy Squidding

All times are GMT -5. The time now is 02:00 AM.