RE: [squid-users] proxy_auth

From: Arthur Kerpician <arthur@dont-contact.us>
Date: Mon, 6 Oct 2003 21:46:07 +0300

Sorry about posting twice...I was so desperate I thought I sent the
message to the wrong e-mail. After 3 days I realized that basic auth
works with encrypted passwd file and managed to set squid right. I hope
to have some luck with digest, too.

Thanks for the help,
Arthur

PS: by the way it was Squid 2.5-STABLE4

> My squid.conf has these lines:

[squid.conf line snipped]

> This config should prompt the client for a
> digest auth, right?

I've never used digest auth, but that looks ok.

> I created the digpass file with htpasswd, so
> it's MD5 crypted.

There's your problem - the encryption takes place between the browser
and Squid. The file itself must have the passwords in plain text. I
believe this changed in Squid 3, but you don't specify which Squid
verion you're using.

Basic auth, on the other hand, has passwords as plain text between the
browser and Squid, but encrypted in the password file.

Also, you posted this problem twice to the list - that's poor etiquette.
In this case it was a good thing because you included the bit about
encrypting the passwords in the file, but please don't do it in the
future.

Adam
Received on Mon Oct 06 2003 - 12:46:19 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:20:25 MST