Re: [squid-users] Squid Authentication + ldap/samba

Hi,

i really wanna is to authenticated on ldap, but the browser not to show
a pop-up,
 it's possible? samba ( maybe ntlm ?)

what does the [skipped], does ?

thanks

Sergey A. Kobzar wrote:
> Hello Duarte,
>
> If you want authenticate users from LDAP only, this configuration is
> enough:
>
> auth_param basic program /usr/local/libexec/squid/squid_ldap_auth -b "ou=People,dc=test,dc=com" ldap.test.com
> auth_param basic children 5
> auth_param basic realm Squid proxy-caching web server
> [skipped]
> acl ldap_users proxy_auth REQUIRED
> [skipped]
> http_access allow ldap_users
>
>
> Thursday, May 10, 2007, 1:17:34 PM, you wrote:
>
>
>> Hi there
>>
>
>
>> I´m trying to set up squid whit authentication, but i would need it
>> asking the user the credencials.
>>
>
>
>> Allrdy set up an "squid_ldap_auth" but a login prompt comes, every time.
>>
>
>
>> trying now with "squid_ldap_group", but still nothing, from the Unix
>> prompt i can authenticate a user whit some filter. where some info :
>>
>
>
>> Squid.conf
>> -------
>> *external_acl_type InetGroup %LOGIN
>> /usr/local/libexec/squid/squid_ldap_group -R -b "dc=pnp,dc=com" -f
>> "(&(uid=%u)(gidNumber=%g)(homePhone=1))" -v 3
>>
>
>
>> acl InetAccess external InetGroup 513
>> http_access allow InetAccess
>> -------
>> *Ldap info
>> -----
>> ldapsearch -vLx -b "dc=pnp,dc=com" "(uid=duarte)"
>>
>
>
>> result :
>> # duarte, Users, pnp.com
>> dn: uid=duarte,ou=Users,dc=pnp,dc=com
>> objectClass: top
>> objectClass: person
>> ...
>>
>
>
>> sn: duarte
>> givenName: duarte
>> uid: duarte
>> uidNumber: 1002
>> gidNumber: 513
>> ...
>>
>
>
>> # numResponses: 2
>> # numEntries: 1
>> ------
>> From the prompt on Unix :
>> /usr/local/libexec/squid/squid_ldap_group -R -b "dc=pnp,dc=com" -f
>> "(&(uid=%u)(gidNumber=%g))" -v 3
>> duarte 513
>> OK
>>
>
>
>
>> so my question is.. whit the browser not authenticating whit squid ?
>>
>
>
>> Thanks in advance.
>>
>
>
>
>
>
>
>
>
>
Received on Thu May 10 2007 - 05:10:50 MDT