October 23, 2017, 03:00:39 PM

News : LinuxSolved.com Linux Help Community Forum..

Author Topic: squid ncsa auth not working  (Read 5194 times)

Offline netguy2000

  • Linux Noob !
  • *
  • Posts: 4
squid ncsa auth not working
« on: January 21, 2011, 08:18:24 AM »
hi all Gurus,
i am stuck on this problem, and unable to find the solution. I want to use squid Proxy to ask username password to user for internet usage and if username password not correct squid stops user access.
I use following installation commands and configuration but still squid not asking for username password, and I can use Internet browsing by defining proxy in my client proxy.
also I am not using transparent proxy, I manually put proxy IP n port in client PC browser.

I use following installataion commands one by one but non of them works, and configure squid to use ncsa_auth.

./configure --enable-delay-pools --enable-linux-netfilter --enable-arp-acl --disable-ident-lookups --enable-snmp --enable-removal-policies

then I use

./configure --enable-delay-pools --enable-linux-netfilter --enable-arp-acl --disable-ident-lookups --enable-snmp --enable-removal-policies --enable-basic-auth-helpers

then I use

./configure --enable-delay-pools --enable-linux-netfilter --enable-arp-acl --disable-ident-lookups --enable-snmp --enable-removal-policies --enable-basic-auth-helpers=NCSA

with following squid.conf configuration one by one.

htpasswd /usr/local/squid/etc/passwd testuser
New password:
Re-type new password:

chmod o+r /usr/local/squid/etc/passwd

locate ncsa_auth
(then I found ncsa_auth in)


So I use following options.

auth_param basic program /usr/local/squid/libexec/ncsa_auth /usr/local/squid/etc/passwd

auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

following are my acl and http_access lines

acl users src

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl ncsausers proxy_auth REQUIRED

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

http_access allow ncsausers
http_access deny all

nothing in http_reply_access , and icp_access (these option are as default)

No error received in access.log or /var/logs/messages files, nor on client screen, client still using internet browsing without asking username password by squid,
Plz help me,