If we want to enforce proxy authentication, we can add the following lines to our configuration file:

acl authenticated proxy_auth REQUIRED
http_access allow authenticated
http_access deny all

With the previous configuration, only authenticated users will be able to access the proxy server. If we want to specifically identify individual clients with usernames, we can pass a list of users as well. This may be needed if we want to give extra privileges to some users. For example:

acl authenticated proxy_auth REQUIRED acl admins proxy_auth john sarah acl special_website dstdomain admin.example.com http_access allow admins special_website http_access deny special_website http_access allow authenticated ...