RES: [squid-users] LDAP_auth

From: squid <squid@dont-contact.us>
Date: Thu, 3 Aug 2006 19:51:01 -0300

 I believe i didn't explain me quite correctly, i do have 2 linux boxes
running squid. The one that runs 2.4 is very old, runs NCSA authentication
and works fine. I used it only to show what kind of DNS error i expected, if
it was really a problem of dns. I expected a proxy error page, the one in
/usr/local/squid/share/errors/English/ERR_DNS_FAIL that logically has the
squid version it came from written in it. This is the proxy that works.
The proxy that does not work is a 2.6STABLE2 , running ldap_auth. It gives
me a dns error, but not the proxy one. The default DNS error page from the
browser i am using, either opera,Firefox or dammit IE6.0. Instead of giving
me the proxy error dns page.
Tks
Ciro
-----Mensagem original-----
De: Henrik Nordstrom [mailto:henrik@henriknordstrom.net]
Enviada em: quinta-feira, 3 de agosto de 2006 19:27
Para: squid
Cc: squid-users@squid-cache.org
Assunto: Re: [squid-users] LDAP_auth

tor 2006-08-03 klockan 19:02 -0300 skrev squid:

> .When given and existing account name and correct password the
helper
> answers an OK in a new line
>
> .When given unexisting account name, the helper answers an ERR in a
> new line
>
> .When given existing account name and incorrect password, the helper

> answer "ERR Success" in a new line

Good. The helper obviously works.

> My squid.conf is configured like this:
>
> acl all src 0.0.0.0/0.0.0.0
>
> auth_param basic program /usr/local/squid/libexec/squid_ldap_auth -R
> -b "DC=editora,DC=ess" -D "cn=Usuario
Internet,ou=Internet,dc=editora,dc=ess"
> -w 123456 -f sAMAccountName=%s -v3 -d 192.168.0.252

Looks fine..

> Generated Mon, 24 Jul 2006 19:55:58 GMT by access.ess.com.br
> (Squid/2.4.STABLE7)

Eum.. 2.4.STABLE7 is a bit old (4+ years). You may consider upgrading..
Current release is 2.6.STABLE2.

I have a vague memory of Squid not liking helper arguments with spaces in
old versions. Not sure if it applies to 2.4.STABLE7 but it probably does.
There is ways around it in such case, but I strongly recommend you to
consider upgrading first... Before upgrading it's good to read the release
notes first, both for Squid-2.5 and 2.6.

Regards
Henrik
Received on Thu Aug 03 2006 - 16:54:13 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Sep 01 2006 - 12:00:01 MDT