HTTP authentication
So far we have learned about various ways of controlling access to our Squid proxy server. Using IP addresses and MAC addresses to identify clients provides significant access control, but these properties can be spoofed our proxy server can still be accessed by unauthorized people. Using Squid authentication helpers, we can enforce username/password/based authentication which can guarantee a higher level of access control.
Squid authentication helpers work in a simple way by which the user agent or browser sends out an Authentication HTTP header field, containing encoded credentials filled in by the user. Squid tries to decode the Authentication header field and passes the decoded fields to the helper, which then checks the credentials against a preconfigured service. If the credentials provided were valid, the client is allowed to access our proxy server; otherwise a HTTP status 407 (Proxy Authentication Required) is sent back. This is the complete process of authenticating...
