Re: [squid-users] Patch for Group LDAP Authentication with Squid 2.4.STABLE2

Do you sometimes read my answers? :-)
I made a fast work and didn't developed anything and I don't envisage to do
so...
I've read the documentations about the external acl mechanism.

My actual patch works fine... I've included it in a package with automated
compilation/installation/configuration/test scripts and documentation. I'm
OK to use the external acl right now in my company if I can have a full
functional system, packaged and documented, which will work in production
environment at 16:00 today (1h30 left). The one I use actually has been
tested and I'm going to install it on a server.

I know I don't use the best solution but the essential here is to obtain a
full functional system. When we'll be ready with external acl mechanism,
we'll transfer the programs.

There are old computer all around the world which have been ran perfectly in
their server role with no problem for a lot of years, they don't always need
to be upgraded. But when great new versions are released, it can be
interessant..

Good developments...

Alexis Bosson

-----Original Message-----
From: Henrik Nordstrom <hno@squid-cache.org>
To: Alexis Bosson <abosson@partner.auchan.com>; squid-users@squid-cache.org
<squid-users@squid-cache.org>
Date: Monday, October 15, 2001 1:57 PM
Subject: Re: [squid-users] Patch for Group LDAP Authentication with Squid
2.4.STABLE2

It is not that the patch as such is bad (have no opinion on the quality
of the patch), but the core Squid developers have selected a different
and more generic approach to the problem of authorization groups.

http://devel.squid-cache.org/external_acl/

Implements the required framework, but it remains to write different
helpers for different types of authorization groups such as LDAP groups
and some minor integration with proxy authentication left still to make
it easier to configure (currently requires the help of a proxy_auth ACL
to perform the login if you are basing your external groups on logins)

I'd also recommend anyone hacking or considering to hack on the Squid
code to pay a visit to devel.squid-cache.org (aka
squid.sourceforge.net).

Regards
Henrik Nordström
Squid Hacker

Alexis Bosson wrote:
>
> I saw this, but I'm not the author of this patch, I don't even understood
> all this code. The only thing I did is the port from version 2..3.Stable3
to
> version 2.4.Stable2, which is a simple transposition of the code between
two
> sets of files.
> The author wants to enhance this code in order to be "much less invasive
> into the core squid code", as it's said in his mail below. Please contact
> him(tocrawle@sourceforge.net) for questions related to this development.
> I had to get as fast as possible a functional version of Squid with Ldap
> Group authentication, so I made the port, but I didn't developed anything
(I
> wasn't able to do this). I hope that a clean version will be available in
> the next weeks or months, and at that time we'll maybe change our proxies
> (recompilation of the programs and automatic translation of the squid.conf
> files) with a short automated script.
> I'm sorry to give the Squid community a bad patch, but I only share the
> result of a short work...
>
> I hope this is understandable. Regards,
>
> Alexis Bosson
>
> -----Original Message-----
> From: Henrik Nordstrom <hno@squid-cache.org>
> To: Alexis Bosson <abosson@partner.auchan.com>
> Date: Thursday, October 11, 2001 7:17 PM
> Subject: Re: [squid-users] Patch for Group LDAP Authentication with Squid
> 2.4.STABLE2
>
> Please note that the Squid developers have selected a slightly different
> approach on group authorization. See
> http://devel.squid-cache.org/external_acl/
>
> Regards
> Henrik Nordström
> Squid Hacker
>
> Alexis Bosson wrote:
> >
> > The author of this patch said :
> >
> > >I'm in the process of moving the project from fatgut.org
> > >to sourceforge.net. I'll post your patch there as soon as
> > >I get the project up.
> > >I'm also in the process of writing a new version that is
> > >much less invasive
> > >into the core squid code. I hope to have it avaiable in a
> > >few weeks.
> >
> > Actually, you can contact me to obtain this patch, but i'll be soon
> > available on http://sourceforge.net/projects/group-ldap-auth/
> >
> > Regards,
> >
> > Alexis Bosson
> > -----Original Message-----
> > From: David Van Zeebroeck <david.van.zeebroeck@switch.be>
> > To: 'Alexis Bosson' <abosson@partner.auchan.com>
> > Date: Wednesday, October 10, 2001 4:24 PM
> > Subject: RE: [squid-users] Patch for Group LDAP Authentication with
> > Squid 2.4.STABLE2
> >
> > hello
> >
> > i'm verry interested in your patch
> >
> > could you post it on a webpage or send it to me?
> >
> > i would realy like it
> >
> > thank you
> >
> > -----Original Message-----
> > From: Alexis Bosson [mailto:abosson@partner.auchan.com]
> > Sent: Monday 8 October 2001 09:41
> > To: Squid Users
> > Cc: tocrawle@users.sourceforge.net
> > Subject: [squid-users] Patch for Group LDAP Authentication with
Squid
> > 2.4.STABLE2
> >
> > Hello all Squid Users,
> >
> > There was a patch available on
> > http://www.fatgut.org/squid/group_ldap_auth/
> > to support "User and Group LDAP Authentication" with Squid. As it
was
> > available only for versions 2.3.STABLE1, 2.3.STABLE2, and
2.3.STABLE3,
> > I've
> > ported it to Squid 2.4 Stable 2 for my company's use. Of course, we
> want
> > to
> > release it to the Free Software Community. Where can I send my
patch?
> > --
> > Alexis BOSSON - System administrator & Web developper
> > E-mail : alexis.bosson@libertysurf.fr
Received on Mon Oct 15 2001 - 07:45:37 MDT