KB N°1962: AUTHENTICATION POP-UP ON SOME SITES
Some sites open a manual identification pop-up each time you visit.
Symptom
Some sites open a manual identification pop-up each time you visit.
Context
Some sites do not use NTLM authentication, and instead use "basic" authentication. This results in a manual identification pop-up each time the user visits the site (Windows Update sites and certain sites using java applets are particularly affected). To avoid this manual authentication, it is necessary to create an Olfeo filtering exception on the HTTP proxy for a given URL or domain.
Tests
Go to the proxy configuration menu to add ACLs:
ACLs must appear in the proxy configuration file
vim /etc/squid3/squid3.conf
This gives :
dstdomain: for a domain
dst: for an IP
url_regex: for a URL
Complete list of squid directives: http: //www.squid-cache.org/Doc/config/.
To test an ACL before adding it to the webadmin, edit the proxy configuration file
The above ACL authorizes (and overrides authentication) for requests to the test123.com domain.
squid3 -k parse -f /etc/squid3/squid3.conf
If no alert appears for the ACL that has been added, it is possible to reload squid without having to restart it:
squid3 -k reconfigure -f /etc/squid3/squid3.conf