O'Reilly Hacks
oreilly.comO'Reilly NetworkSafari BookshelfConferences Sign In/My Account | View Cart   
Book List Learning Lab PDFs O'Reilly Gear Newsletters Press Room Jobs  

Using OS X Software behind Proxy Authentication
There are many software tools, such as Software Update, iTunes and NetNewsWire that require transparent access to the Internet. Unfortunately, many corporate (and secure) environments require authentication (via username/password) to access the open Internet. This Hack shows how to use a personal proxy to allow Mac OS X tools to work, while still providing network security.

Contributed by:
Chad Thompson
[07/11/03 | Discuss (11) | Link to this hack]

A problem with using many OS X tools and software packages behind corporate proxies and firewalls is that many proxies and firewalls require you to authenticate to access the Internet. Unfortunately, the Mac OS X Preferences pane does not allow for storage of proxy authentication information.

However, there are proxy tools that *do* allow storage of authentication information. This Hack will use an easy to install package called "Squid Man", created by Tony Gray. (http://homepage.mac.com/adg/squidman.html). Squid Man is a graphical front end to the popular open source proxy server "Squid".

To install Squid Man, download the package, and install. The installer is typical of Mac OS X Applications: drag the icon to your applications folder. After the "Squid Man" icon is copied to your Applications folder, launch the application.

Before starting Squid Man, open the Preferences dialog. There are quite a few options listed in the Squid Man preferences pane, but we are interested in the "Parent" tab. In the Parent Tab, enter information provided by your friendly neighborhood firewall administrator.

(A note of caution: by default, Squid Man will create a proxy on port 8080. If you are running any other server software, such as Tomcat, on port 8080, you'll want to change this value.)

After setting this information, start Squid Man by pushing the 'Start' button. If everything goes well, the status message should change to "Squid is running".

Now that you have a local proxy with information about a 'parent' proxy, you'll need to adjust your network settings to use this proxy for HTTP traffic. Open the 'System Preferences' pane, click the 'Network' icon, and enter Proxy information for our new local proxy. (In the default case, designate the HTTP proxy to be localhost, port 8080. You may also wish to create a new 'Location' that uses the Squid proxy, such as "Work-Squid", or somesuch to make switching easier.)

With everything running, open a web browser. Attempt to access an external page (one that normally prompts for a username/password). If everything is set up correctly, you shouldn't be prompted. For further tests, you can attempt to access the iTunes music store, run the Apple Software Update, or any other items that may not currently work for you that require access to the Internet.

See also: http://homepage.mac.com/adg/squidman.html

O'Reilly Home | Privacy Policy

© 2007 O'Reilly Media, Inc.
Website: | Customer Service: | Book issues:

All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners.