12.1 Configuring Squid

The auth_param directive controls every aspect of configuring Squid's authentication helpers. The authentication schemes (Basic, Digest, and NTLM) share some parameters, and each also has some of its own. The first argument following auth_param must be one of basic, digest, or ntlm. I'll cover this directive in detail for each authentication scheme later in the chapter.

In addition to auth_param, Squid has two more directives that affect proxy authentication. You can use the max_user_ip ACL to prevent users from sharing their username and password with others. If Squid detects the same username coming from too many different IP addresses, the ACL is a match and you can deny the request. For example:

acl FOO max_user_ip 2
acl BAR proxy_auth REQUIRED
http_access deny FOO
http_access allow BAR

In this case, if a user submits requests from three or more different IP addresses, Squid denies the request. The authenticate_ip_ttl directive controls how long Squid remembers the source IP addresses for each user. A smaller TTL makes things easier for users whose IP addresses change frequently, because Squid forgets their old addresses sooner. You can use larger TTLs in an environment where users keep the same IP address for long periods of time.
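Before enforcing a limit, it helps to see which accounts would trip it under a given TTL. The following is an added example, not code from the book or from Squid: it audits access.log lines, assuming Squid's native log layout with the authenticated username in the eighth field. The function name and the sample lines are constructed for illustration, and the script only approximates the effect of the two settings rather than reproducing Squid's internal matching.

```python
from collections import defaultdict

# Constructed sample lines in the native access.log layout (an assumption):
# time elapsed client action/status bytes method URL user hierarchy/peer type
SAMPLE_LOG = """\
1000.000 120 10.0.0.5 TCP_MISS/200 512 GET http://example.com/ alice DIRECT/192.0.2.1 text/html
1000.000 70 10.0.1.9 TCP_MISS/200 512 GET http://example.com/ bob DIRECT/192.0.2.1 text/html
1000.000 70 10.0.2.2 TCP_DENIED/407 512 GET http://example.com/ - NONE/- text/html
1030.000 80 10.0.0.6 TCP_MISS/200 512 GET http://example.com/a alice DIRECT/192.0.2.1 text/html
1060.000 95 10.0.0.7 TCP_MISS/200 512 GET http://example.com/b alice DIRECT/192.0.2.1 text/html
1900.000 70 10.0.1.10 TCP_MISS/200 512 GET http://example.com/ bob DIRECT/192.0.2.1 text/html
2800.000 70 10.0.1.11 TCP_MISS/200 512 GET http://example.com/ bob DIRECT/192.0.2.1 text/html
"""


def users_over_limit(log_text, max_ips, ttl_seconds):
    """Return {user: peak distinct-IP count} for users who exceed max_ips.

    An address counts toward a user only while it was last seen within
    ttl_seconds, which plays the role of authenticate_ip_ttl. Lines are
    assumed to be in chronological order, as Squid writes them.
    """
    last_seen = defaultdict(dict)  # user -> {client IP: last timestamp}
    peak = {}
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 10 or fields[7] == "-":
            continue  # malformed line, or a request with no username
        ts, ip, user = float(fields[0]), fields[2], fields[7]
        ips = last_seen[user]
        ips[ip] = ts
        # Forget addresses this user has not used within the TTL.
        for old in [a for a, t in ips.items() if ts - t > ttl_seconds]:
            del ips[old]
        peak[user] = max(peak.get(user, 0), len(ips))
    return {u: n for u, n in peak.items() if n > max_ips}


if __name__ == "__main__":
    # Same limit as "max_user_ip 2", tried with a short and a long TTL.
    print(users_over_limit(SAMPLE_LOG, max_ips=2, ttl_seconds=300))
    print(users_over_limit(SAMPLE_LOG, max_ips=2, ttl_seconds=3600))
```

With the short TTL only alice, who used three addresses within a minute, is reported; with the long TTL bob, whose address changed every fifteen minutes, is reported as well.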


