These instructions are applicable if Kaspersky Web Traffic Security was installed from an RPM or DEB package to a ready-to-use operating system. If Kaspersky Web Traffic Security was installed from an ISO file, configuration files for the built-in proxy server cannot be manually changed.
Perform the steps for configuring Basic authentication on the server hosting the Squid service.
To configure authentication, the user account must have superuser rights.
To configure Basic authentication:
auth_param basic program /usr/lib64/squid/basic_ldap_auth -R -b "<LDAP object (domain, group, or organizational unit) in DN format (for example, "ou=ou_name,dc=test,dc=local" or "dc=domain,dc=example,dc=com")>" -D "<user name>@<Active Directory domain>" -w "<user password>" -f "sAMAccountName=%s" <IP address of the Active Directory domain controller>
auth_param basic children 10
auth_param basic realm Squid proxy-caching web server
auth_param basic casesensitive off
auth_param basic credentialsttl 1 minute
acl authenticated_user proxy_auth REQUIRED
http_access deny !authenticated_user
auth_param basic program /usr/sbin/basic_ldap_auth -R -b "<LDAP object (domain, group, or organizational unit) in DN format (for example, "ou=ou_name,dc=test,dc=local" or "dc=domain,dc=example,dc=com")>" -D "<user name>@<Active Directory domain>" -w "<user password>" -f "sAMAccountName=%s" <IP address of the Active Directory domain controller>
auth_param basic children 10
auth_param basic realm Squid proxy-caching web server
auth_param basic casesensitive off
auth_param basic credentialsttl 1 minute
acl authenticated_user proxy_auth REQUIRED
http_access deny !authenticated_user
auth_param basic program /usr/lib/squid/basic_ldap_auth -R -b "<LDAP object (domain, group, or organizational unit) in DN format (for example, "ou=ou_name,dc=test,dc=local" or "dc=domain,dc=example,dc=com")>" -D "<user name>@<Active Directory domain>" -w "<user password>" -f "sAMAccountName=%s" <IP address of the Active Directory domain controller>
auth_param basic children 10
auth_param basic realm Squid proxy-caching web server
auth_param basic casesensitive off
auth_param basic credentialsttl 1 minute
acl authenticated_user proxy_auth REQUIRED
http_access deny !authenticated_user
-d parameter to the first string.auth_param basic program /usr/lib64/squid/basic_ldap_auth -R -d -b "<LDAP object (domain, group, or organizational unit) in DN format (for example, "ou=ou_name,dc=test,dc=local" or "dc=domain,dc=example,dc=com")>" -D "<user name>@<Active Directory domain>" -w "<user password>" -f "sAMAccountName=%s" <IP address of the Active Directory domain controller>
auth_param basic program /usr/sbin/basic_ldap_auth -R -d -b "<LDAP object (domain, group, or organizational unit) in DN format (for example, "ou=ou_name,dc=test,dc=local" or "dc=domain,dc=example,dc=com")>" -D "<user name>@<Active Directory domain>" -w "<user password>" -f "sAMAccountName=%s" <IP address of the Active Directory domain controller>
auth_param basic program /usr/lib/squid/basic_ldap_auth -R -d -b "<LDAP object (domain, group, or organizational unit) in DN format (for example, "ou=ou_name,dc=test,dc=local" or "dc=domain,dc=example,dc=com")>" -D "<user name>@<Active Directory domain>" -w "<user password>" -f "sAMAccountName=%s" <IP address of the Active Directory domain controller>
Debug events will be written to the file /var/log/squid/cache.log.
service squid restart
Basic authentication will be configured.
Page top