Create an account file
To create an account file for user authentication, you can use Apache's htpasswd program to generate an account file.
File/etc/squid/passwd. Each line of the account file contains the information of a user, that is, the user name and the encrypted password.
Htpasswd-c/etc/squid/passwd wj
650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/05293BT6-0.jpg "title =" User Certificate-2.jpg "alt =" 140854389.jpg"/>
Edit the Squid configuration file vim/etc/squid. conf.
650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0529361127-1.jpg "title =" User Certificate -1.jpg "alt =" 140935760.jpg"/>
Auth_param basic program/usr/lib/squid/ncsa_auth/etc/squid/passwd
Option defines the authentication method as basic, the authentication program path and the degree of authentication needs to read the account file
Auth_param basic children 5
This option defines the process of the authentication program as 5
Auth_param basic credentialsttl 2 hours
This option defines the authentication program time to 2 hours, if the user needs to use squid after 2 hours, you must re-enter the account and password
Auth_param basic realm This is a Squid porxy-caching
The auth_param basic realm option defines the domain content displayed when a user logs on, similar to the Apache membership authentication.
Acl auth_user proxy_auth REQUIRED
Http_accel allow auth_user
Define an ACL named auth_user. The ACL type is proxy_auth. Use an external program to perform user authentication. The list value is REQUIRED, and then use the http_access option to allow the list.
# The following are functional statements.
Acl noauth_user src 192.168.2.0/255.255.255.0
Auth_param basic program/usr/lib/squid/ncsa_auth/etc/squid/passwd
Auth_param basic children 5
Auth_param basic credentialsttl 2 hours
Auth_param basic realm This is a Squid proxy-caching
Acl auth_user proxy_auth REQUIRED
Http_access allow noauth_user
Http_access aloow auth_user
The above function is: as long as users from the 192.168.2.0 CIDR Block do not need to be authenticated, other users have been authenticated before they can pass the proxy server.
① Run the "/etc/init. d/squid restart" command on the server to restart the Squid service.
② Configure the IP address and port number of the proxy server in the Web browser of the client.
③ When accessing any website, the Web browser will pop up a dialog box for entering the user name and password.
④ Enter the correct user name and command to connect to the Internet.
⑤ If the user name and password are incorrect, the error message "Access denied by the Network Cache Server" appears.
650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/05293614V-2.jpg "title =" User Certificate-2-1.jpg "alt =" 142449370.jpg"/>
650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0529361417-3.jpg "title =" User Authentication -3.jpg "alt =" 1425342.16.jpg"/>
650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/05293620V-4.jpg "style =" float: none; "title =" User Authentication -4.jpg "alt =" 142841279.jpg"/>
650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0529364595-5.jpg "style =" float: none; "title =" User Certificate -5.jpg "alt =" 142847812.jpg"/>
650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/05293A261-6.jpg "style =" float: none; "title =" User Authentication -6.jpg "alt =" 142852220.jpg"/>
This article is from the blog "life is on duty, don't seek anything". I will not repost it!