Sleepy SME :: Sleepy SME

Howto Squid authentification

Dernière mise à jour : 2006-04-28 16:33:36 (11738 lectures)
[Imprimer la page | Envoyé à un ami]

Howto Squid authentification BETA Author: MasterSleepy Contributor: Release: SME Server 7.x License: GPL Thanks: Great thanks to dungog.net, this work is based on dansguardian contrib

Problem: You want your users to loggin to go to internet Solution: Follow this Howto

STEP 1: Create custom template directory

[root@server root]# mkdir -p /etc/e-smith/templates-custom/etc/squid/squid.conf
[root@server root]# cd /etc/e-smith/templates-custom/etc/squid/squid.conf

STEP 2: Create Template

Edit 15AuthProgramNCSA with your favorite text editor

{
return "" unless ( ($squid{RequireAuth} || "no") eq "ncsa");

$OUT .= "
auth_param basic program /usr/lib/squid/ncsa_auth /etc/proxyusers
auth_param basic children 5
auth_param basic realm squid proxy server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
";}

Edit 15AuthProgramPamAuth with your favorite text editor

{
return "" unless ( ($squid{RequireAuth} || "no") eq "pam");

$OUT .= "
auth_param basic program /usr/lib/squid/pam_auth
auth_param basic children 5
auth_param basic realm squid proxy server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
";}

Edit 20ACL05ProxyAuth with your favorite text editor

{
return "acl requireauth proxy_auth REQUIRED"
if (defined $squid{RequireAuth} && $squid{RequireAuth} =~ /(ncsa|pam)/);
}

Edit 39http_access00pwdprotect with your favorite text editor

{
return "http_access allow requireauth"
if (defined $squid{RequireAuth} && $squid{RequireAuth} =~ /(ncsa|pam)/);
}

STEP 3: If you want to use PAM authentification

[root@server root]# db configuration setprop squid RequireAuth pam
[root@server root]# expand-template /etc/squid/squid.conf
[root@server root]# service squid restart

STEP 3: If you want to use NCSA authentification

[root@server root]# db configuration setprop squid RequireAuth ncsa
[root@server root]# expand-template /etc/squid/squid.conf
[root@server root]# service squid restart

Create user authentification file

[root@server root]# touch /etc/proxyusers
[root@server root]# htpasswd -b /etc/proxyusers [name] [password]

Adapt [name] and [password] for your need, you can add as many user as you want

You can test it with the following command

[root@server root]# /usr/lib/squid/ncsa_auth /etc/proxyusers

At the prompt type
[name] [passzord]
you should have response ERR or OK

[Premier] [Précédent] [Retour à l'article principal] [Suivant] [Dernier]

[Imprimer la page | Envoyé à un ami]