Configuring Basic authentication

Perform the steps for configuring Basic authentication on the server hosting the Squid service.

To configure authentication, the user account must have superuser rights.

To configure Basic authentication:

  1. Add the following lines into the beginning of the /etc/squid/squid.conf file, depending on the operating system:
    • CentOS or Red Hat Enterprise Linux:

      auth_param basic program /usr/lib64/squid/basic_ldap_auth -R -b "dc=<second-level domain name>,dc=<top-level domain name>" -D "<user name>@<Active Directory domain>" -w "<user password>" -f "sAMAccountName=%s" <IP address of the Active Directory domain controller>

      auth_param basic children 10

      auth_param basic realm Squid proxy-caching web server

      auth_param basic casesensitive off

      auth_param basic credentialsttl 1 minute

      acl auth proxy_auth REQUIRED

      http_access allow auth

    • SUSE Linux Enterprise Server:

      auth_param basic program /usr/sbin/basic_ldap_auth -R -b "dc=<second-level domain name>,dc=<top-level domain name>" -D "<user name>@<Active Directory domain>" -w "<user password>" -f "sAMAccountName=%s" <IP address of the Active Directory domain controller>

      auth_param basic children 10

      auth_param basic realm Squid proxy-caching web server

      auth_param basic casesensitive off

      auth_param basic credentialsttl 1 minute

      acl auth proxy_auth REQUIRED

      http_access allow auth

    • Ubuntu or Debian:

      auth_param basic program /usr/lib/squid/basic_ldap_auth -R -b "dc=<second-level domain name>,dc=<top-level domain name>" -D "<user name>@<Active Directory domain>" -w "<user password>" -f "sAMAccountName=%s" <IP address of the Active Directory domain controller>

      auth_param basic children 10

      auth_param basic realm Squid proxy-caching web server

      auth_param basic casesensitive off

      auth_param basic credentialsttl 1 minute

      acl auth proxy_auth REQUIRED

      http_access allow auth

  2. If you want to enable logging of events in debug mode, in the /etc/squid/squid.conf file add the -d parameter to the first string. For example:

    auth_param basic program /usr/lib64/squid/basic_ldap_auth -R -d -b "dc=<second-level domain name>,dc=<top-level domain name>" -D "<user name>@<Active Directory domain>" -w "<user password>" -f "sAMAccountName=%s" <IP address of the Active Directory domain controller>

    Debug events will be written to the file /var/log/squid/cache.log.

  3. Restart the Squid service. To do so, execute the command:

    service squid restart

Basic authentication will be configured.

Page top