Re: [squid-users] 2 questions

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Wed, 5 Nov 2003 22:41:32 +0100 (CET)

I would recommend you to try upgrade to Squid-2.5 and also to use the
winbind basic authenticator helper..

Regards
Henrik

On Wed, 5 Nov 2003, Elton S. Fenner wrote:

>
>
>
> Sorry, my mistake
>
> squid 2.4.7
> samba 2.2.8
>
> This lines included in squid.conf
> --- begin ---
> authenticate_program /usr/local/bin/smb_auth -W MYDOMAIN
> acl domainusers proxy_auth REQUIRED
> http_access allow domainusers
> --- end ---
>
> I have made a test with browser and usernames with dot get failed,
> usernames without dot works fine.
>
> Thanks again.
>
> Regards.
>
> Elton
>
>
>
> ---------- Cabeçalho inicial -----------
>
> De: Henrik Nordstrom <hno@squid-cache.org>
> Para: "Elton S. Fenner" <efenner@terra.com.br>
> Cópia: squid-users@squid-cache.org
> Data: Wed, 05 Nov 2003 16:50:41 +0100
> Assunto: Re: [squid-users] 2 questions
>
> > On Wed, 5 Nov 2003, Elton S. Fenner wrote:
> >
> > > 1- I made some authentication tests and when the username has no dot
> > > it goes fine, but the username pattern is "firstname.lastname" (with a
> > > dot between first and last name), so I get error on authentication. Is
> > > there a way too authenticate such users?
> >
> > What authentication backend are you using?
> >
> > Squid does not care what structure your login names is using. This is a
> > business between your users and the authentication backend database
> used.
> >
> > > Second question:
> > > 2- I would like to know what is the sequence of events in this
> scenario:
> > >
> > > client browser
> > > ||
> > > \/
> > > local proxy (with authentication and squidGuarg)
> > > ||
> > > \/
> > > parent proxy (no authebticatiob, no bloks)
> > > ||
> > > \/
> > > internet
> > >
> > > When a user requests a URL what happens first, and next step, and
> > > then... till he gets a block page or the requested page.
> >
> >
> > 1. Browser sends requests to local proxy.
> >
> > 2. Local proxy verifies it's http_access requirements, including
> > authentication.
> >
> > 3a. If user not yet authenticated request is denied requesting
> > authentication.
> >
> > 3b. Request is sent to squidGuard
> >
> > 4a. squidGuard either returns the request to Squid for further
> processing
> >
> > 4b. or returns that the request was blocked.
> >
> > 5. reques
>
> > 6. parent proxy checks it's http_access rules
> >
> > 7. request forwarded to Internet
> >
> > 8. Response from Internet to parent proxy
> >
> > 9. Response from parent proxy to local proxy
> >
> > 10. Response from local proxy to client.
> >
> >
> > Regards
> > Henrik
> >
> >
> > Esta mensagem foi verificada pelo E-mail Protegido Terra.
> > Scan engine: VirusScan / Atualizado em 31/10/2003 / Versão: 1.4.0
> > Proteja o seu e-mail Terra: http://www.emailprotegido.terra.com.br/
> >
> >
>
>
>
>
> Elton S. Fenner
> efenner@terra.com.br
>
> (o<
> //\
> V_/_
> Seja livre nao use software
> pirata use Linux.
> -------------------
>
>
Received on Wed Nov 05 2003 - 14:41:37 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:21:08 MST