[squid-users] Re: AuThentification

From: Henrik Nordstrom <[email protected]>
Date: Sat, 10 Apr 2004 23:07:14 +0200 (CEST)

I do not understand what you mean by "is call each time the same client
launch IE".

From what I can see everything looks correct, except maybe that you have
not disabled buffering of stdout. Most languages require you to disable
output buffering in order for the output to reach Squid.

Is there anyting in cache.log?

Regards
Henrik

On Sat, 10 Apr 2004, Bernard PRE wrote:

> Hi,
>
> I am sorry by i fave always the same pb : My basic authentification program
> is call each time the same client launch IE.
>
> My squid.conf seams to be rignt with the documentation so i don't undestand.
> Here is my complete squid.conf and my prog to authenticate.
> Must i migrate to Version 3 ? my current version is 2.5.STABLE4 for
> I586-mandrake-linux-gnu
>
> Perhaps, i don't undestand somethings .. (my english is very bad .. sorry)
>
> Thanks for your help
>
> Bernard
>
> ============================================================================
> ==============
>
> http_port 8080
> hierarchy_stoplist cgi-bin ?
> acl QUERY urlpath_regex cgi-bin \?
> no_cache deny QUERY
> redirect_program /usr/bin/squidGuard
> auth_param basic program /etc/squid/mysql_auth.php
> auth_param basic children 5
> auth_param basic realm Squid proxy-caching web server
> auth_param basic credentialsttl 2 hours
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern . 0 20% 4320
> acl all src 0.0.0.0/0.0.0.0
> acl myclients src 192.168.1.41/255.255.255.255
> acl foo proxy_auth REQUIRED
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl myserver dstdomain .dyndns.org
> acl other1 dst 192.168.1.40
> acl other2 dstdomain .horoscope.fr
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443 563
> acl Safe_ports port 8080
> acl Safe_ports port 21
> acl Safe_ports port 443 563
> acl Safe_ports port 70
> acl Safe_ports port 210
> acl Safe_ports port 1025-65535
> acl Safe_ports port 280
> acl Safe_ports port 488
> acl Safe_ports port 591
> acl Safe_ports port 777
> acl CONNECT method CONNECT
> http_access allow manager
> http_access allow myserver
> http_access allow other1
> http_access allow other2
> http_access allow localhost
> http_access allow foo
> http_access allow myclients
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow localhost
> http_reply_access allow all
> icp_access allow all
> cache_mgr bernard.pre@bpinf.com
> visible_hostname dhcppc2
> coredump_dir /var/spool/squid
>
>
> ###########################################################
> #
> # mysql_auth.php
> #
> ###########################################################
> #
> #!/usr/bin/php
> <?php
> $Mysrv = "dhcppc2";
> $User = "root";
> $DbName = "proxy";
> $Passwd = "3yfbxhe";
> $fi = fopen("php://stdin", "r");
> $fo = fopen("php://stdout", "w");
> while (THRU) {
> $lignelu = fgets($fi);
> $len = strlen($lignelu);
> if ($len > 1) {
> $pos = strpos($lignelu, " ");
> if ($pos == 0) {
> $bufout = "ERR\n";
> fwrite($fo, $bufout);
> continue;
> } else {
> $buf = substr($lignelu, 0, $pos);
> $len = $len - $pos-2;
> $pos = $pos + 1;
> $p = substr($lignelu, $pos, $len);
> $Handle = mysql_connect($Mysrv, $User, $Passwd);
> mysql_select_db($DbName);
> $Sql = "select * from tp_proxy where login='". $buf."' and
> password='".$p."'";
> $Req = mysql_query($Sql);
> $nb = mysql_num_rows($Req);
> if ($nb > 0) {
> $bufout = "OK\n";
> fwrite($fo, $bufout);
> continue;
> } else {
> $bufout = "ERR\n";
> fwrite($fo, $bufout);
> continue;
> }
> mysql_close($Handle);
> }
> }
> exit(0);
> }
> ?>
>
Received on Sat Apr 10 2004 - 15:07:18 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:02 MDT