On Friday 30 May 2003 14.49, Mohammad Shakir wrote:
> authenticate_program /usr/lib/squid/pam_auth
> acl mypassword proxy_auth shakir
> http_acess allow mypassword
>
> when I use proxy then user name and password window is
> also appear but its not verify my password from
> /etc/shadow file, I have also create a user shakir by
> adduser command.
Make sure the pam_auth helper is installed correctly and that the
squid PAM service is configured correctly. pam_auth needs to be
installed set-user-id root to be allowed to verify the passwords of
other users than the user Squid runs as (cache_effective_user).
To verify the squid PAM service configuration run pam_auth from the
command line as root, and then type a
username <space> password <enter>
If the above works then verify that pam_auth is installed correctly by
running it as the cache_effective_user (use the su command to change
user).
> some of friends advise me to recomplie squid source
> with externel authentication but I do not know how to
> recomplie and after recompling this problem will slove
> ?
No. There is no such recompile needed.
A standard compile of Squid includes basic authentication, and if you
have the pam_auth helper available then you have all components
needed.
Only if you want to use other authentication schemes than basic
authentication such as NTLM or Digest authentication then a recompile
of Squid is needed. However, neither NTLM or Digest authentication
can use your /etc/shadow file as user database.. (not mathematically
possible).
Regards
Henrik
-- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org If you need commercial Squid support or cost effective Squid or firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, [email protected]Received on Fri May 30 2003 - 14:44:22 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:17:07 MST