[squid-users] Betr.: Re: [squid-users] Radius Auth / Squid-2.5r6

From: Janno de Wit <Wit@dont-contact.us>
Date: Fri, 21 Jan 2005 16:52:40 +0100

Henrik,

Just tommorow I catched the problem :-) with debug loggins:

2005/01/21 08:32:33| authenticateDecodeAuth: header = 'Basic
<secretbase64>=='
2005/01/21 08:32:33| authenticateBasicDecodeAuth: cleartext =
'j.de.wit:secret'
2005/01/21 08:32:33| authBasicAuthUserFindUsername: Looking for user
'j.de.wit'
2005/01/21 08:32:33| authBasicDecodeAuth: Creating new user 'j.de.wit'
2005/01/21 08:32:33| authenticateAuthUserLock auth_user '0xc6f3be8'.
2005/01/21 08:32:33| authenticateAuthUserLock auth_user '0xc6f3be8' now
at '1'.
2005/01/21 08:32:33| authenticateAuthUserLock auth_user '0xc6f3be8'.
2005/01/21 08:32:33| authenticateAuthUserLock auth_user '0xc6f3be8' now
at '2'.
2005/01/21 08:32:33| authenticateValidateUser: Validating Auth_user
request '0xc1c5f28'.
2005/01/21 08:32:33| authenticateValidateUser: Validated Auth_user
request '0xc1c5f28'.
2005/01/21 08:32:33| authenticateValidateUser: Validating Auth_user
request '0xc1c5f28'.
2005/01/21 08:32:33| authenticateValidateUser: Validated Auth_user
request '0xc1c5f28'.
2005/01/21 08:32:33| User not authenticated or credentials need
rechecking.
2005/01/21 08:32:33| authenticateValidateUser: Validating Auth_user
request '0xc1c5f28'.
2005/01/21 08:32:33| authenticateValidateUser: Validated Auth_user
request '0xc1c5f28'.
2005/01/21 08:32:33| User not authenticated or credentials need
rechecking.
2005/01/21 08:32:33| authenticateValidateUser: Validating Auth_user
request '0xc1c5f28'.
2005/01/21 08:32:33| authenticateValidateUser: Validated Auth_user
request '0xc1c5f28'.
2005/01/21 08:32:33| authenticateStart: auth_user_request '0xc1c5f28'
2005/01/21 08:32:33| authenticateStart: 'j.de.wit:secret'
2005/01/21 08:32:33| authenticateAuthUserRequestLock auth_user request
'0xc1c5f28'.
2005/01/21 08:32:33| authenticateAuthUserRequestLock auth_user request
'0xc1c5f28' now at '2'.
2005/01/21 08:32:33| helperDispatch: Request sent to basicauthenticator
#1, 14 bytes
2005/01/21 08:32:33| helperSubmit: j.de.wit secret

2005/01/21 08:32:33| authenticateValidateUser: Validating Auth_user
request '(nil)'.
2005/01/21 08:32:33| authenticateValidateUser: Auth_user_request was
NULL!
2005/01/21 08:32:33| authenticateFixHeader: headertype:34
authuser:(nil)
2005/01/21 08:32:33| authenticateFixErrorHeader: Sending type:34
header: 'Basic realm="Kliksafe Filter login"'
2005/01/21 08:32:35| authenticateValidateUser: Validating Auth_user
request '(nil)'.
2005/01/21 08:32:35| authenticateValidateUser: Auth_user_request was
NULL!
2005/01/21 08:32:35| authenticateFixHeader: headertype:34
authuser:(nil)
2005/01/21 08:32:35| authenticateFixErrorHeader: Sending type:34
header: 'Basic realm="Kliksafe Filter login"'
2005/01/21 08:32:36| helperHandleRead: 12 bytes from basicauthenticator
#1.
2005/01/21 08:32:36| helperHandleRead: end of reply found
2005/01/21 08:32:36| authenticateBasicHandleReply: {ERR timeout}
2005/01/21 08:32:36| authenticateValidateUser: Validating Auth_user
request '0xc1c5f28'.
2005/01/21 08:32:36| authenticateValidateUser: Validated Auth_user
request '0xc1c5f28'.
2005/01/21 08:32:36| authenticateValidateUser: Validating Auth_user
request '0xc1c5f28'.
2005/01/21 08:32:36| authenticateValidateUser: Validated Auth_user
request '0xc1c5f28'.
2005/01/21 08:32:36| User not authenticated or credentials need
rechecking.
2005/01/21 08:32:36| authenticateValidateUser: Validating Auth_user
request '0xc1c5f28'.
2005/01/21 08:32:36| authenticateValidateUser: Validated Auth_user
request '0xc1c5f28'.
2005/01/21 08:32:36| User not authenticated or credentials need
rechecking.
2005/01/21 08:32:36| authenticateValidateUser: Validating Auth_user
request '0xc1c5f28'.
2005/01/21 08:32:36| authenticateValidateUser: Validated Auth_user
request '0xc1c5f28'.
2005/01/21 08:32:36| User not authenticated or credentials need
rechecking.
2005/01/21 08:32:36| authenticateAuthUserRequestLock auth_user request
'0xc1c5f28'.
2005/01/21 08:32:36| authenticateAuthUserRequestLock auth_user request
'0xc1c5f28' now at '3'.
2005/01/21 08:32:36| authenticateAuthUserRequestUnlock auth_user
request '0xc1c5f28'.
2005/01/21 08:32:36| authenticateAuthUserRequestUnlock
auth_user_request '0xc1c5f28' now at '2'.
2005/01/21 08:32:36| authenticateAuthUserRequestLock auth_user request
'0xc1c5f28'.
2005/01/21 08:32:36| authenticateAuthUserRequestLock auth_user request
'0xc1c5f28' now at '3'.
2005/01/21 08:32:36| authenticateFixHeader: headertype:34
authuser:0xc1c5f28
2005/01/21 08:32:36| authenticateValidateUser: Validating Auth_user
request '0xc1c5f28'.
2005/01/21 08:32:36| authenticateValidateUser: Validated Auth_user
request '0xc1c5f28'.
2005/01/21 08:32:36| User not authenticated or credentials need
rechecking.
2005/01/21 08:32:36| authenticateFixErrorHeader: Sending type:34
header: 'Basic realm="Kliksafe Filter login"'
2005/01/21 08:32:36| authenticateFixHeader: headertype:34
authuser:0xc1c5f28
2005/01/21 08:32:36| authenticateAuthUserRequestUnlock auth_user
request '0xc1c5f28'.
2005/01/21 08:32:36| authenticateAuthUserRequestUnlock
auth_user_request '0xc1c5f28' now at '2'.
2005/01/21 08:32:36| authenticateAuthUserRequestUnlock auth_user
request '0xc1c5f28'.
2005/01/21 08:32:36| authenticateAuthUserRequestUnlock
auth_user_request '0xc1c5f28' now at '1'.
2005/01/21 08:32:36| authenticateAuthUserRequestUnlock auth_user
request '0xc1c5f28'.
2005/01/21 08:32:36| authenticateAuthUserRequestUnlock
auth_user_request '0xc1c5f28' now at '0'.
2005/01/21 08:32:36| authenticateAuthUserRequestFree: freeing request
0xc1c5f28
2005/01/21 08:32:36| authenticateAuthUserUnlock auth_user '0xc6f3be8'.
2005/01/21 08:32:36| authenticateAuthUserUnlock auth_user '0xc6f3be8'
now at '1'.
2005/01/21 08:32:36| authenticateAuthUserRequestLock auth_user request
'0xc1c5f28'.
2005/01/21 08:32:36| authenticateAuthUserRequestLock auth_user request
'0xc1c5f28' now at '1'.

Does this mean that my helpers have timeouts?

Thanks, Janno.

>>> Henrik Nordstrom <hno@squid-cache.org> 20-1-2005 16:55:42 >>>
On Wed, 19 Jan 2005, Janno de Wit wrote:

> Is there a TTL for negative basic auth results?

No, only on positive auth results.

> How can I debug the interaction between squid and
> authorization-helpers?

debug_options ALL,1 29,9 84,9

then see cache.log for details on the auth progress.

Be warned that your logs will contain usernames+passwords in plain text

when doing this.

Regards
Henrik
Received on Fri Jan 21 2005 - 08:53:09 MST

This archive was generated by hypermail pre-2.1.9 : Mon Mar 07 2005 - 12:59:36 MST