>Yes it is asking and working. >I have tried this in my Cache server for authentication type and it is working >there. > >> Cache Access Denied. >> http://www.google.com/ >> > >It seems your http_access rule is not allowing to access cache there.
> >> auth_param basic program /usr/src/null_auth > >Are you having the authenticator in this location with executable permission >there? >Try on command line as, >/usr/src/null_auth >test test >OK >OK >...... > On command line, the authenticator works. >> auth_param basic children 20 >> auth_param basic realm Squid proxy-caching web server >> auth_param basic credentialsttl 1 minutes > >> acl password proxy_auth REQUIRED >> http_access allow password > >It is correct. > >> Since I can find the "OK" in my cache.log, I assue that the authenticator >> is used by squid. Why does the authencation fail? > >Are you using any more http_access rules there.? And did you reconfigure >your running squid.? after making changes? I restart squid after changig the configuration. >Try to stop your squid and use, configuration as, > >auth_param basic program /usr/src/null_auth >auth_param basic children 5 >auth_param basic realm Squid proxy-caching web server >auth_param basic credentialsttl 2 hours >auth_param basic casesensitive off > >acl password proxy_auth REQUIRED > >Go to the starting of # TAG: http_reply_access. ># http rule >http_access allow auth >http_access deny all > >Try now. Are you okie. > Now I end up in a timeout. After authenticating myself, the proxy is not fetching the URL. As a test I replaced in authenticator the string "OK" by "ERR". I expect a "Cache access denied" error, I get no error. Regardless of the authenticator one TCP_DENIED/407 is reported in access.log. Squid seems to ignore the return value of the authenticator. I am using this configuration: hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY auth_param basic program /usr/sbin/null_auth auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl password proxy_auth REQUIRED acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow localhost http_access allow password http_access deny all http_access deny !Safe_ports http_reply_access allow all icp_access allow all coredump_dir /var/cache/squid When I am starting squid, I can find no errors in the cache.log: proxy:/tmp # 2004/10/21 10:44:37| Starting Squid Cache version 2.5.STABLE3 for i686-pc-linux-gnu... 2004/10/21 10:44:37| Process ID 6574 2004/10/21 10:44:37| With 4096 file descriptors available 2004/10/21 10:44:37| DNS Socket created at 0.0.0.0, port 32771, FD 5 2004/10/21 10:44:37| Adding nameserver 192.168.12.3 from /etc/resolv.conf 2004/10/21 10:44:37| helperOpenServers: Starting 5 'null_auth' processes 2004/10/21 10:44:37| User-Agent logging is disabled. 2004/10/21 10:44:37| Referer logging is disabled. 2004/10/21 10:44:37| Unlinkd pipe opened on FD 15 2004/10/21 10:44:37| Swap maxSize 102400 KB, estimated 17066 objects 2004/10/21 10:44:37| Target number of buckets: 853 2004/10/21 10:44:37| Using 8192 Store buckets 2004/10/21 10:44:37| Max Mem size: 8192 KB 2004/10/21 10:44:37| Max Swap size: 102400 KB 2004/10/21 10:44:37| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec 2004/10/21 10:44:37| Rebuilding storage in /var/cache/squid (CLEAN) 2004/10/21 10:44:37| Using Least Load store dir selection 2004/10/21 10:44:37| Set Current Directory to /var/cache/squid 2004/10/21 10:44:37| Loaded Icons. 2004/10/21 10:44:37| Accepting HTTP connections at 0.0.0.0, port 3128, FD 17. 2004/10/21 10:44:37| Accepting ICP messages at 0.0.0.0, port 3130, FD 18. 2004/10/21 10:44:37| HTCP Disabled. 2004/10/21 10:44:37| Accepting SNMP messages on port 3401, FD 19. 2004/10/21 10:44:37| WCCP Disabled. 2004/10/21 10:44:37| Ready to serve requests. 2004/10/21 10:44:37| Done reading /var/cache/squid swaplog (24 entries) 2004/10/21 10:44:37| Finished rebuilding storage from disk. 2004/10/21 10:44:37| 24 Entries scanned 2004/10/21 10:44:37| 0 Invalid entries. 2004/10/21 10:44:37| 0 With invalid flags. 2004/10/21 10:44:37| 24 Objects loaded. 2004/10/21 10:44:37| 0 Objects expired. 2004/10/21 10:44:37| 0 Objects cancelled. 2004/10/21 10:44:37| 0 Duplicate URLs purged. 2004/10/21 10:44:37| 0 Swapfile clashes avoided. 2004/10/21 10:44:37| Took 0.3 seconds ( 91.1 objects/sec). 2004/10/21 10:44:37| Beginning Validation Procedure 2004/10/21 10:44:37| Completed Validation Procedure 2004/10/21 10:44:37| Validated 24 Entries 2004/10/21 10:44:37| store_swap_size = 236k 2004/10/21 10:44:38| storeLateRelease: released 0 objects Regards, Udo Pokojski ________________________________________ http://www.epost.de - das Kommunikationsportal der Deutschen Post
