I have a TinyProxy proxy on my router, and it sends traffic to an external parent Squid proxy that is not on the LAN to get processed. I added authorization to Squid so that it is not completely open to the world (user has to provide a username and password if they point their browser to the squid proxy, which works correctly).
Looking at the TinyProxy man pages I can see that it is possible to send basic authorization header information to the Squid parent via tinyproxy, but when I attempt to do so, it is not authenticating correctly (no browser configurations. This is a transparent proxy) and I am getting access errors on Squid's end. Below is an excerpt from the TinyProxy.conf man page:
AddHeader "X-My-Header" "Powered by Tinyproxy"
If the user who is allowed on Squid has the username: test and password: test1234 with the password hash: 123456789 and this is what I include in the TinyProxy.conf file:
AddHeader "Proxy-Authorization" "Basic test:123456789"
it is not authenticating correctly when I attempt to access an HTTP site. Is the format incorrect?
Also for reference, here is my squid.conf
auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid3/passwords
auth_param basic realm proxy
acl authenticated proxy_auth REQUIRED
http_access allow authenticated
#http_access allow all
http_port 3128
I found a solution to my problem. When adding a header, it is not in the form "user:password_hash", it is in the form of a base64 string. i just used an online converter(http://www.tuxgraphics.org/toolbox/base64-javascript.html) to convert "test:test1234" to "dGVzdDp0ZXN0MTIzNA==". The AddHeader line in TinyProxy then becomes:
And it authenticates perfectly! I hope someone else other than me finds this useful, as I was not able to find a single "TinyProxy" adding header example.