Hi,
I'm using squid-2.5.STABLE9 with basic/LDAP as authentication helper. In addition an external shell script (external_acl_type) to check for password expiry.
The script which basically does an ldapsearch for a given user, returning OK if outside the grace period resp. returning ERR if within the grace period.
So if a user authenticates to squid and is password is expired he gets an error-page which tells him to change his password.
My configuration looks like this:
external_acl_type passwd-expired_external ttl=5 concurrency=5 %LOGIN /export/home/squid/libexec/expire.sh [...]
http_access deny passwd-expired
deny_info ERR_PASSWORD_EXPIRED passwd-expired
This works fine with STABLE9. Now I tried to upgrade to STABLE14, but there is the following error:
If a password is expired, the script returns ERR. Because of an change in STABLE10 squid asks for new credentials in and endless loop. The user don't see the ERR_PASSWORD_EXPIRED error-page.
Is there any possibility to fix that?
Changes to squid-2.5.STABLE10 (17 May 2005):
- [Cosmetic] external acls requiring authentication did not request new credentials on access denials like proxy_auth does.
Regards,
Michael
-- Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen! Ideal für Modem und ISDN: http://www.gmx.net/de/go/smartsurfer -- Echte DSL-Flatrate dauerhaft für 0,- Euro*! "Feel free" mit GMX DSL! http://www.gmx.net/de/go/dslReceived on Tue Jun 27 2006 - 03:31:33 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Jul 01 2006 - 12:00:02 MDT