Re: [squid-users] NTLM_auth and usernames with spaces and %20 in log file.

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Wed, 24 Sep 2003 02:41:42 +0200 (CEST)

On Tue, 23 Sep 2003, Charlie Grosvenor wrote:

> I am using NTLM_auth to authenticate users against an nt domain. All of the
> users on the nt domain are in the form of firstname lastname e.g. charlie
> grosvenor this is causing problems as squid seems to write the log files
> with a %20 instead of a space e.g.

It is meant to. Squid writes log fields with "unsafe" data in URL-encoded
format. This to allow non-ambigous processing of the log file.

Squid can not write spaces in the username field as it then becomes
uncertain to other programs who read access.log where the username field
ends and the next field begins.

> Is this what is should be doing or is this a bug? This is causing me
> problems as it seems to confuse sarg (program to create html access reports,
> passes squids access.log) and squidguard (filtering software). Is there any
> way to get squid to write a space instead of a %20?

sarg will not work at all if you do as it then will not be able to
correctly identify the different fields in access.log.

If you want the report to look better in sarg then modify the part of sarg
where the html result is created to print login names in URL-decoded
format.

it is not even relevant to SquidGuard what is written in access.log.
SquidGuard uses the redirector interface, not access.log. Looking at the
redirector interface I notice this protection of the username field is
missing from the redirector interface making a mess for any redirectors if
usernames contains spaces. This should be corrected to use URL-encoding of
usernames before sent to redirectors.

Regards
Henrik
Received on Tue Sep 23 2003 - 18:41:46 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:20:00 MST