Squid正向代理的身份验证

vim /etc/squid/squid.conf

http_access deny !Safe_ports                 #拒绝不安全端口请求

#http_access deny net

# Deny CONNECT to other than secure SSL ports

http_access deny CONNECT !SSL_ports       #不允许连接非安全ssl_port端口

auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/passwd  # 密码存储路径，设定通过ncsa_auth程序来读取 debine中auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd

auth_param basic children 5          #定义了认证程序的进程为5

auth_param basic realm "Welcome to proxy web server"     # 设定通过验证时，呈现给用户的欢迎信息，可以不写

auth_param basic credentialsttl 12 hours   # 验证一次，可以持续访问多长时间

acl lookwest proxy_auth REQUIRED        #设定acl密码用户

http_access allow lookwest               # 允许密码用户登录

生成用户名密码文件

touch /etc/squid/passwd

htpasswd -m /etc/squid/passwd aaa  #squid 不支持MD5验证

htpasswd  /etc/squid/passwd  bbb

例子：

http_access deny CONNECT !SSL_ports

auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/passwd

auth_param basic children 5

auth_param basic realm "Welcome to proxy web server"

auth_param basic credentialsttl 12 hours

acl lookwest proxy_auth REQUIRED

http_access allow lookwest