proxy: allow alt auth framework config file

We fall back to the local authentication if not found. PR: https://github.com/opnsense/plugins/issues/43 (cherry picked from commit 35122576)

proxy: allow alt auth framework config file
We fall back to the local authentication if not found. PR: https://github.com/opnsense/plugins/issues/43 (cherry picked from commit 35122576)
e6018fd6 · Franco Fichtner · 13a6db0c · e6018fd6 · e6018fd6 · e6018fd6
Commit e6018fd6 authored Oct 26, 2016 by Franco Fichtner
Showing with 15 additions and 13 deletions

plist plist +1 -0

squid.conf src/opnsense/service/templates/OPNsense/Proxy/squid.conf +1 -13

squid.user.local_auth.conf ...rvice/templates/OPNsense/Proxy/squid.user.local_auth.conf +13 -0

No files found.
--- a/plist
+++ b/plist
@@ -655,6 +655,7 @@
 /usr/local/opnsense/service/templates/OPNsense/Proxy/rc.conf.d
 /usr/local/opnsense/service/templates/OPNsense/Proxy/squid.acl.conf
 /usr/local/opnsense/service/templates/OPNsense/Proxy/squid.conf
+/usr/local/opnsense/service/templates/OPNsense/Proxy/squid.user.local_auth.conf
 /usr/local/opnsense/service/templates/OPNsense/Sample/+TARGETS
 /usr/local/opnsense/service/templates/OPNsense/Sample/example_config.txt
 /usr/local/opnsense/service/templates/OPNsense/Sample/example_parent.txt

--- a/src/opnsense/service/templates/OPNsense/Proxy/squid.conf
+++ b/src/opnsense/service/templates/OPNsense/Proxy/squid.conf
@@ -255,19 +255,7 @@ icap_enable off

 # Authentication Settings
 {% if helpers.exists('OPNsense.proxy.forward.authentication.method') and  OPNsense.proxy.forward.authentication.method != '' %}
-# Configure Local User Authentication helper
-auth_param basic program /usr/local/etc/inc/squid.auth-user.php
-{% if helpers.exists('OPNsense.proxy.forward.authentication.realm') %}
-auth_param basic realm {{OPNsense.proxy.forward.authentication.realm}}
-{% endif %}
-{% if helpers.exists('OPNsense.proxy.forward.authentication.credentialsttl') %}
-auth_param basic credentialsttl {{OPNsense.proxy.forward.authentication.credentialsttl}} hours
-{% endif %}
-{% if helpers.exists('OPNsense.proxy.forward.authentication.children') %}
-auth_param basic children {{OPNsense.proxy.forward.authentication.children}}
-{% endif %}
-# ACL - Local Authorized Users - local_auth
-acl local_auth proxy_auth REQUIRED
+{% include ['OPNsense/Proxy/squid.user.alt_auth.conf', 'OPNsense/Proxy/squid.user.local_auth.conf'] %}
 {% endif %}

 {% include "OPNsense/Proxy/squid.user.pre_auth.conf" ignore missing with context %}

--- a/src/opnsense/service/templates/OPNsense/Proxy/squid.user.local_auth.conf
+++ b/src/opnsense/service/templates/OPNsense/Proxy/squid.user.local_auth.conf
+# Configure Local User Authentication helper
+auth_param basic program /usr/local/etc/inc/squid.auth-user.php
+{% if helpers.exists('OPNsense.proxy.forward.authentication.realm') %}
+auth_param basic realm {{OPNsense.proxy.forward.authentication.realm}}
+{% endif %}
+{% if helpers.exists('OPNsense.proxy.forward.authentication.credentialsttl') %}
+auth_param basic credentialsttl {{OPNsense.proxy.forward.authentication.credentialsttl}} hours
+{% endif %}
+{% if helpers.exists('OPNsense.proxy.forward.authentication.children') %}
+auth_param basic children {{OPNsense.proxy.forward.authentication.children}}
+{% endif %}
+# ACL - Local Authorized Users - local_auth
+acl local_auth proxy_auth REQUIRED