I need to set up a proxy with authentication to verify the behavior of an application that connects to the internet.
I am trying to set-up an Apache installation with forward proxy and authentication, and even though I am close to make it work, I wonder if there is maybe a better way, as the configuration is fairly esoteric.
How can Apache be configured to work this way?
Is there any other good option that is already configured? Maybe some VM or some other software tool, instead of Apache?
I use Squid.
It's quite easy to install it and to setup it with a basic authentication with the "auth_param" directive in the configuration file.
You will find some samples, understand how it works, and all details about the auth_param on Squid Website
For the record, this is how I set up apache to be used as a forward-proxy with basic authentication:
Open http.conf
Uncomment the following LoadModule directives to enable proxy funcionality
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
Add the following directives to the http.conf to enable authentication
ProxyRequests On
ProxyVia On
<Proxy *>
Order deny,allow
Allow from all
AuthType Basic
AuthName "Password Required"
AuthUserFile password.file
AuthGroupFile group.file
Require group usergroup
</Proxy>
Create a password.file using the htpasswd.exe utility. Place it on the Apache Root directory
htpasswd.exe -c password.file username
Create a group.file using a test editor at the same level as the password.file with the following contents
usergroup: username
What version of Apache is that httpd.conf taken from ?
I'm using the Windows one:
apache_2.0.63-win32-x86-no_ssl.msi
And this doesn't seem to work: the requests do not get challenged for a password (tried Firefox, IE, Opera).
If I use the same approach but for general requests like this:
<Location>
AuthType Basic
AuthName "Password Required"
AuthUserFile "D:\Program Files\Apache Group\Apache2\passwords"
Require valid-user
</Location>
(Or use a '<Directory>' instead of '<Location>') : then the browser IS correctly challenged for locally served pages.
I see a few other posting on the web in general about this : does this actually really work in the version of Apache I'm using ?
Yes, Mario's solution works in Apache 2.2. I don't know what you need to do for 2.0 but I think this forward proxying has been working for a while. Make sure that you are really going through this virtuahost for the pages and not the general host.