Generated Configuration Files
After you specify domain information, enable Kerberos, NTLM and basic LDAP authenticators you must click Save and Restart button. Admin UI will then generate the number of files in the /opt/websafety/etc/squid folder.
Here is a short description of what most important these generated files means.
| File Path | Description |
|---|---|
/opt/websafety/etc/krb5.conf |
Configuration file for the Kerberos subsystem on the proxy. It contains settings what realm to connect to and cypher to be used for encrypted Kerberos tickets. This file is read by the /opt/websafety/bin/wskrb5 authentication wrapper that adjusts Kerberos environment for default /usr/lib/squid/negotiate_wrapper_auth Squid authenticator. |
/opt/websafety/etc/krb5.keytab |
Contains Service Principal Name (SPN) and corresponding encrypted Kerberos tickets. It is directly used to verify identify of connecting browsers. |
/opt/websafety/etc/squid/access_controls.conf |
Contains predefined ACLs of localname, safe ports and methods in Squid. |
/opt/websafety/etc/squid/authentication.conf |
Contains authenticating helper definitions for Kerberos, NTLM and Basic LDAP. This file gets generated based on authenticator settings adjusted in Web UI. |
/opt/websafety/etc/squid/authentication/exclude.conf |
Contains exclusions from authentication by remote web site name, user name or IP address, user agent and other ACLs that are specified in Admin UI / Squid Proxy / Exclusions. |