I do some volunteer support for a high school which uses a squid proxy
with NTLM authentication for their students. I inherited this system
and know very little about it and was hoping someone might be able to
help modify the squid config file to skip authentication for certain
domains. Reading the FAQ it appears the proxy_auth key must be used but
I have to admit I'm sure sure how.
The school has some anti-virus software that needs to update with http
traffic. It supports proxy connections but does not support
authentication and so I need to always allows access to the domains:
http://espl.authentium.net <http://espl.authentium.net/>
http://www4. authentium.com <http://www4.authentium.com/>
Currently the authentication portion of the config file looks like this:
#NTLM
auth_param basic program /usr/lib/squid/smb_auth -W glcc -U 192.x.x.x
auth_param basic children 10
auth_param basic realm Squid Proxy Server
auth_param basic credentialsttl 2 hour
acl password proxy_auth REQUIRED
http_access deny !Safe_ports
http_access allow password
http_access deny all
I tried adding a section:
acl src authentium espl.authemium.net <http://espl.authemium.net/>
ww4.authentium.com <http://ww4.authentium.com/>
http_access allow authentium
above the deny line but this didn't work. I was still asked for a
password. Is it as simple as adding a line
acl src authentium espl.authemium.net <http://espl.authemium.net/>
ww4.authentium.com <http://ww4.authentium.com/>
acl authentium_auth proxy_auth all
http_access allow authenitum_auth
Or is something more complex needed?
Any help would be greatly appreciated
Luke Taylor
