Parameters for the basic scheme follow

=== Parameters for the basic scheme follow. ===
#
#    "program" cmdline
#    Specify the command for the external authenticator.  Such a program
#    reads a line containing "username password" and replies "OK" or
#    "ERR" in an endless loop. "ERR" responses may optionally be followed
#    by a error description available as %m in the returned error page.
#
#    By default, the basic authentication scheme is not used unless a
#    program is specified.
#
#    If you want to use the traditional proxy authentication, jump over to
#    the helpers/basic_auth/NCSA directory and type:
#        % make
#        % make install
#
#    Then, set this line to something like
#
#    auth_param basic program /usr/libexec/ncsa_auth /usr/etc/passwd
#
#    "children" numberofchildren
#    The number of authenticator processes to spawn. If you start too few
#    squid will have to wait for them to process a backlog of credential
#    verifications, slowing it down. When credential verifications are
#    done via a (slow) network you are likely to need lots of
#    authenticator processes.
#    auth_param basic children 5
#
#    "concurrency" numberofconcurrentrequests
#    The number of concurrent requests/channels the helper supports.
#    Changes the protocol used to include a channel number first on
#    the request/response line, allowing multiple requests to be sent
#    to the same helper in parallell without wating for the response.
#    Must not be set unless it's known the helper supports this.
#
#    "realm" realmstring
#    Specifies the realm name which is to be reported to the client for
#    the basic proxy authentication scheme (part of the text the user
#    will see when prompted their username and password).
#    auth_param basic realm Squid proxy-caching web server
#
#    "credentialsttl" timetolive
#    Specifies how long squid assumes an externally validated
#    username:password pair is valid for - in other words how often the
#    helper program is called for that user. Set this low to force
#    revalidation with short lived passwords.  Note that setting this high
#    does not impact your susceptibility to replay attacks unless you are
#    using an one-time password system (such as SecureID). If you are using
#    such a system, you will be vulnerable to replay attacks unless you
#    also use the max_user_ip ACL in an http_access rule.
#    auth_param basic credentialsttl 2 hours
#
#    "casesensitive" on|off
#    Specifies if usernames are case sensitive. Most user databases are
#    case insensitive allowing the same username to be spelled using both
#    lower and upper case letters, but some are case sensitive. This
#    makes a big difference for user_max_ip ACL processing and similar.
#    auth_param basic casesensitive off