RE: [squid-users] Authentication through Squid3

From: Pierre Thomas <Pierre.Thomas_at_grouperdi.com>
Date: Fri, 4 Sep 2009 11:37:13 +0200

Hi Amos,

I tried your auth method :

auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes auth_param ntlm children 10 auth_param ntlm realm Authentification Squid

auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic credentialsttl 1 hours auth_param basic children 5 auth_param basic realm Authentification Squid

But I still have the same error message while starting Squid :

2009/09/04 11:31:36| Processing Configuration File: /etc/squid/squid.conf (depth 0)
2009/09/04 11:31:36| Can't use proxy auth because no authentication schemes are fully configured.
FATAL: ERROR: Invalid ACL: acl SSO proxy_auth REQUIRED

Squid Cache (Version 3.0.STABLE16): Terminated abnormally.
CPU Usage: 0.023 seconds = 0.005 user + 0.018 sys Maximum Resident Size: 0 KB Page faults with physical i/o: 0 -----

-----Message d'origine-----
De�: Amos Jeffries [mailto:squid3_at_treenet.co.nz]
Envoy�: vendredi 4 septembre 2009 10:18
��: Pierre Thomas
Cc�: squid-users_at_squid-cache.org
Objet�: Re: [squid-users] Authentication through Squid3

Pierre Thomas wrote:
> Hi,
>
> I set up a Squid3 Proxy on my Centos 5.3 box, and it works properly since I try to setup authentication on my Active Directory.
>
> Here is an extract of my squid.conf, inspired of my old squid 2.7 configuration :
> ______________________________________________________________________
> auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
> auth_param ntlm max_challenge_reuses 0
> auth_param ntlm max_challenge_lifetime 2 minutes
> auth_param ntlm children 10
> auth_param ntlm realm Authentification Squid
>
> auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp

I would expect that to use a different parameter. Basic being a
different methods of auth.
   --helper-protocol=squid-2.5-basic is probably what you wanted there.

> auth_param basic credentialsttl 1 hours
> auth_param basic children 5
> auth_param basic realm Authentification Squid
>
> acl SSO proxy_auth REQUIRED
> http_access allow SSO
> _______________________________________________________________________
>
> When I try to start the proxy service, I obtain this error message :
>
>
> [root_at_localhost mnt]# service squid start
> 2009/09/04 09:17:51| Processing Configuration File: /etc/squid/squid.conf (depth 0)
> 2009/09/04 09:17:51| Can't use proxy auth because no authentication schemes are fully configured.
> FATAL: ERROR: Invalid ACL: acl SSO proxy_auth REQUIRED
>
> Squid Cache (Version 3.0.STABLE16): Terminated abnormally.
> CPU Usage: 0.011 seconds = 0.003 user + 0.008 sys
> Maximum Resident Size: 0 KB
> Page faults with physical i/o: 0
>
> Any idea to help ?
>
> Regards
>

Strange.
Is thats the entire exact squid.conf?

And what does "squid -v" produce?

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE6 or 3.0.STABLE18
   Current Beta Squid 3.1.0.13
Received on Fri Sep 04 2009 - 09:38:20 MDT

This archive was generated by hypermail 2.2.0 : Fri Sep 04 2009 - 12:00:02 MDT