Hello Henrik,
Thanks very much for your help. I was not successful in being able to do digest authentication. Following are details of what I did. Can you please help me overcome the problem which is reported by squid as a 'Parsing error'
[EMAIL PROTECTED] sbin]# ./squid
2004/12/14 11:10:34| Parsing Config File: Unknown authentication scheme 'digest'.
2004/12/14 11:10:34| Parsing Config File: Unknown authentication scheme 'digest'.
2004/12/14 11:10:34| Parsing Config File: Unknown authentication scheme 'digest'.
2004/12/14 11:10:34| Parsing Config File: Unknown authentication scheme 'digest'.
2004/12/14 11:10:34| Parsing Config File: Unknown authentication scheme 'digest'.
Following is how I went about the exercise.
I got the Squid 2.5 Stable 7 source and made it using the following commands. The output is also pasted for your convenience.
I look forward to hearing from you.
Warm regards
Glenn Baptista
1. CONFIGURING THE MAKEFILE ./configure --enable-digest-auth-helpers
RELEVANT OUTPUT FROM CONFIGURE .... creating helpers/digest_auth/Makefile creating helpers/digest_auth/password/Makefile ....
2. MAKE ALL ./make all
RELEVANT OUTPUT FROM MAKE ALL
Making install in digest_auth
make[2]: Entering directory `/root/temp/squid-2.5.STABLE7/helpers/digest_auth'
Making install in password
make[3]: Entering directory `/root/temp/squid-2.5.STABLE7/helpers/digest_auth/password'
make[4]: Entering directory `/root/temp/squid-2.5.STABLE7/helpers/digest_auth/password'
/bin/sh ../../../cfgaux/mkinstalldirs /usr/local/squid/libexec
/usr/bin/install -c digest_pw_auth /usr/local/squid/libexec/digest_pw_auth
make[4]: Nothing to be done for `install-data-am'.
make[4]: Leaving directory `/root/temp/squid-2.5.STABLE7/helpers/digest_auth/password'
make[3]: Leaving directory `/root/temp/squid-2.5.STABLE7/helpers/digest_auth/password'
make[3]: Entering directory `/root/temp/squid-2.5.STABLE7/helpers/digest_auth'
make[4]: Entering directory `/root/temp/squid-2.5.STABLE7/helpers/digest_auth'
make[4]: Nothing to be done for `install-exec-am'.
make[4]: Nothing to be done for `install-data-am'.
make[4]: Leaving directory `/root/temp/squid-2.5.STABLE7/helpers/digest_auth'
make[3]: Leaving directory `/root/temp/squid-2.5.STABLE7/helpers/digest_auth'
make[2]: Leaving directory `/root/temp/squid-2.5.STABLE7/helpers/digest_auth'
Making install in external_acl
make[2]: Entering directory `/root/temp/squid-2.5.STABLE7/helpers/external_acl'
make[3]: Entering directory `/root/temp/squid-2.5.STABLE7/helpers/external_acl'
make[4]: Entering directory `/root/temp/squid-2.5.STABLE7/helpers/external_acl'
make[4]: Nothing to be done for `install-exec-am'.
make[4]: Nothing to be done for `install-data-am'.
make[4]: Leaving directory `/root/temp/squid-2.5.STABLE7/helpers/external_acl'
make[3]: Leaving directory `/root/temp/squid-2.5.STABLE7/helpers/external_acl'
make[2]: Leaving directory `/root/temp/squid-2.5.STABLE7/helpers/external_acl'
make[2]: Entering directory `/root/temp/squid-2.5.STABLE7/helpers'
make[3]: Entering directory `/root/temp/squid-2.5.STABLE7/helpers'
make[3]: Nothing to be done for `install-exec-am'.
make[3]: Nothing to be done for `install-data-am'.
make[3]: Leaving directory `/root/temp/squid-2.5.STABLE7/helpers'
make[2]: Leaving directory `/root/temp/squid-2.5.STABLE7/helpers'
make[1]: Leaving directory `/root/temp/squid-2.5.STABLE7/helpers'
make[1]: Entering directory `/root/temp/squid-2.5.STABLE7'
make[2]: Entering directory `/root/temp/squid-2.5.STABLE7'
make[2]: Nothing to be done for `install-exec-am'.
make[2]: Nothing to be done for `install-data-am'.
make[2]: Leaving directory `/root/temp/squid-2.5.STABLE7'
make[1]: Leaving directory `/root/temp/squid-2.5.STABLE7'
3. MAKE INSTALL ./make install
RESULT
Copies the file 'digest_pw_auth' into the /usr/local/squid/libexec directory.
SQUID CONFIGURATION Added the relevant configuration to the squid.conf file
auth_param digest program /usr/local/squid/libexec/digest_pw_auth /usr/local/squid/etc/passwd
auth_param digest children 5
auth_param digest realm Squid proxy-caching web server
auth_param digest credentialsttl 2 hours
auth_param digest casesensitive off
ERROR OUTPUT OF SQUID
[EMAIL PROTECTED] sbin]# ./squid
2004/12/14 11:10:34| Parsing Config File: Unknown authentication scheme 'digest'.
2004/12/14 11:10:34| Parsing Config File: Unknown authentication scheme 'digest'.
2004/12/14 11:10:34| Parsing Config File: Unknown authentication scheme 'digest'.
2004/12/14 11:10:34| Parsing Config File: Unknown authentication scheme 'digest'.
2004/12/14 11:10:34| Parsing Config File: Unknown authentication scheme 'digest'.
Henrik Nordstrom wrote:
On Tue, 7 Dec 2004, Glenn Baptista wrote:
Is digest authentication is possible in the following environment.
1. We are using squid version 2.5 Stable 3 on a Redhat 9 server (and are happy to upgrade to any other suitable version).
2. We wish to authenticate using an independent DIGEST scheme; the equivalent of 'ncsa_auth', because the users are not already centrally authenticated. We wish to add the users and passwords to the Linux box ONLY FOR SQUID; the users are not Linux OS users.
Good. This is the only mode Squid supports.
If the answer to the above is yes, the queries are: 1. What is the version of squid where this is possible?
Squid-2.5 or later.
2. What is the authentication program and is it part of the '/usr/lib/squid/' directory or does it have to be separately compiled.
You need to enable the digest scheme and compile the password digest helper.
3. What is the name of the program which will create the password file and where is it located.
The helper shipped with Squid-2.5 uses plain text password file for Digest with the format
login:password
The helper shipped with Squid-3.0 (also works with Squid-2.5) also understands encrypted password files created by the htdigest program from Apache.
Regards Henrik
