I set up iptables and squid successfully, now I try to get the proxy authentication running. My squi.conf look the following way:
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/proxy_users
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.7.0/24
acl passwd proxy_auth REQUIRED
http_access allow localnet passwd
http_access allow localhost
http_access deny all
So. Its according to the book. It works in so far as that when i start the browser, it hands me on request an "Access denied" page. But I get not chance to authenticate myself! I heard it could be that firefox automatically hands over an anynomous user, which, of course gets denied.
How can I force the browser to pop up an authentication box?
Best Answer
I'm sorry. Transparent means the browser is redirected to the proxy without knowing it. This implies the browser hasn't got configured any proxy, thus hasn't got configured any proxy authentication. Even more, the HTTP used to talk to a proxy is different than the one in a normal browser - webserver talk.
How exactly are you trying to do authentication mixed with transparent proxy? I've though inmediatly of this, checked google and confirmed it. Everywhere I look it says that it cannot be done.