[squid-users] Problems with Authenticator from Udo Pokojski on 2004-10-20 (squid-users)

From: Udo Pokojski <Udo.Pokojski@dont-contact.us>
Date: Wed, 20 Oct 2004 13:46:14 +0200

Hello,

I am trying develop an authticator for basic authentication.
According to the documentation, the authenticator returns "OK" if the user
has authenticated himself. If the authentication fails, the authenticator
returns "ERR".

My first try is this dummy-authenticator:

#include <stdio.h>

char buffer[256];

int main()
{
   while (fgets(buffer,256,stdin)!=NULL)
   {
       printf("OK\n");
       fprintf(stderr,"OK\n"); // write OK to cache.log
   }
}

When I use this authenticator, I am prompted for a username and password.
After authenticating with any username and password, the proxy says:

Cache Access Denied.

Sorry, you are not currently allowed to request:

http://www.google.com/

from this cache until you have authenticated yourself.

These are the important parts of squid.conf:

auth_param basic program /usr/src/null_auth
auth_param basic children 20
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 1 minutes

acl password proxy_auth REQUIRED
#acl fileupload req_mime_type -i ^multipart/form-data$
#acl javascript rep_mime_type -i ^application/x-javascript$
#
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

http_access allow localhost
http_access allow password
#
#Recommended minimum configuration:
#
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports

Since I can find the "OK" in my cache.log, I assue that the authenticator
is used by squid. Why does the authencation fail?

Thanks in advance,
Udo Pokojski

________________________________________
http://www.epost.de - das Kommunikationsportal der Deutschen Post
Received on Wed Oct 20 2004 - 05:46:20 MDT

This archive was generated by hypermail pre-2.1.9 : Mon Nov 01 2004 - 12:00:02 MST