Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Technical

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Thread Tools Display Modes
Prev Previous Post   Next Post Next
Old 22nd January 2013, 01:11
asb2204 asb2204 is offline
Junior Member
Join Date: Jan 2013
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default Cannot bypass authentication for squid proxy using ncsa


I have recently deployed a squid proxy server v3.1 with qlproxy content filtering. It is running on a centos 6 box with webmin.

Works great, except i cannot by pass authentication for some websites which do not work via simple authentication such as windows activations and myob company file validations.

I am using ncsa for authentication

here is a post of the squid.conf. Any assistance would be greatly appreciated. the how tos on this site rock btw!


# qlproxy settings added by adrian for content scanning
icap_enable on
icap_preview_enable on
icap_preview_size 4096
icap_persistent_connections on
icap_send_client_ip on
icap_send_client_username on
icap_service qlproxy1 reqmod_precache bypass=0 icap://
icap_service qlproxy2 respmod_precache bypass=0 icap://
adaptation_access qlproxy1 allow all
adaptation_access qlproxy2 allow all

# Recommended minimum configuration:
acl manager proto cache_object
acl localhost src ::1
acl to_localhost dst ::1

# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
# acl localnet src # RFC1918 possible internal network
acl localnet src # RFC1918 possible internal network
# acl localnet src # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http

# added by adrian to bypass auth on certain domains

acl whitelist dstdomain "/etc/squid/whitelist.txt"
acl http proto http
acl port_80 port 80
acl port_443 port 443

# rules allowing non-authenticated users
http_access allow http port_80 whitelist
http_access allow CONNECT port_443 whitelist

# --------------------------------------------------------------

# NCSA configuration for authentication added by adrian

auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Acoustic Proxy Server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
acl ncsa_users proxy_auth REQUIRED
http_access allow ncsa_users

# ------------------------------------------------------------

# Recommended minimum Access Permission configuration:
# Only allow cachemgr access from localhost

http_access allow manager localhost

http_access deny manager

# Deny requests to certain unsafe ports
http_access deny !Safe_ports


$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$



So when I open my internet browser as google as home page it does not ask for username and password. I can search google as well and see search results without user/pw. but when I goto www.microsoft.com or www.myob.com.au it always asks for pw when I I do not want it to.

As I will also need to do microsoft activations via the proxy./

Please assist.

Kind Regards
Reply With Quote
Sponsored Links


authentication, cent os 6, proxy, squid

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
SASL LOGIN authentication failed Captain Installation/Configuration 4 13th March 2012 21:07
Need help with ISPConfig Mail and Squirrelmail m.xander Installation/Configuration 109 3rd February 2012 01:15
strange fail2ban behaviour > doesn't ban specific IP Djamu Server Operation 2 13th January 2012 03:29
Fail2ban configuration Captain Installation/Configuration 2 28th June 2011 20:48
Mod_Perl Configuration Issue szise Installation/Configuration 4 28th November 2008 13:41

All times are GMT +2. The time now is 17:52.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.