The following describes how the Squid service enables user identity authentication-Linux Enterprise Application-Linux server application information. How does the Squid service authenticate user identities?
[Root@CentOS5.1] # fuqin cooking wine # passed the test in RHEL5/CentOS5 Environment
# The following statements implement user identity authentication:
# The auth_param basic program option defines the authentication method as basic. The authentication program path and the authentication degree need to read the account file.
Auth_param basic children 5
# This option defines the process of the authentication program as 5
Auth_param basic credentialsttl 2 hours
# This option defines the authentication program time to 2 hours, if the user needs to use squid after 2 hours, you must re-enter the account and password
Auth_param basic realm This is a Squid porxy-caching
# The auth_param basic realm option defines the domain content displayed when a user logs on, similar to Apache membership authentication.
Acl auth_user proxy_auth REQUIRED
Http_accel allow auth_user
# Define an ACL named auth_user. The ACL type is proxy_auth. Use an external program to perform user authentication. The list value is REQUIRED, and then use the http_access option to allow the list.
Create an account file
Htpasswd-c/etc/squid/passwd st02
# The usage is the same as that of Apache membership authentication. For the first time, you need-c, and you do not need to lose any more.
The following statement uses squid to select the http_access option in sequence. The computer 192.168.16.0/255.255.255.0 used by the leader does not need squid to access the Internet directly. Other clients must pass user authentication before accessing the Internet.
# The following are functional statements.
Acl noauth_user src 192.168.16.0/255.255.255.0
Auth_param basic program/usr/lib/squid/ncsa_auth/etc/squid/passwd
Auth_param basic children 5
Auth_param basic credentialsttl 2 hours
Auth_param basic realm This is a Squid proxy-caching
Acl auth_user proxy_auth REQUIRED
Http_access allow noauth_user
Http_access aloow auth_user
Tip: squid does not support enabling user identity authentication in transparent proxy mode.
For more information, see http://hi.baidu.com/yuhongchun027. thank you.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
