Re[2]: [squid-users] Squid Authentication + ldap/samba

From: Sergey A. Kobzar <ksa@dont-contact.us>
Date: Thu, 10 May 2007 14:14:27 +0300

Hello Duarte,

Thursday, May 10, 2007, 2:09:05 PM, you wrote:

> Hi,

> i really wanna is to authenticated on ldap, but the browser not to show
> a pop-up,
> it's possible? samba ( maybe ntlm ?)

I gave you working configuration. Just forgot about -v 3 option. :)

> what does the [skipped], does ?

Line from standard Squid's config.

Show
tail -f /path/to/squid.conf
tail -f /path/to/slapd.conf

?

> thanks

> Sergey A. Kobzar wrote:
>> Hello Duarte,
>>
>> If you want authenticate users from LDAP only, this configuration is
>> enough:
>>
>> auth_param basic program /usr/local/libexec/squid/squid_ldap_auth -b "ou=People,dc=test,dc=com" ldap.test.com
>> auth_param basic children 5
>> auth_param basic realm Squid proxy-caching web server
>> [skipped]
>> acl ldap_users proxy_auth REQUIRED
>> [skipped]
>> http_access allow ldap_users
>>
>>
>> Thursday, May 10, 2007, 1:17:34 PM, you wrote:
>>
>>
>>> Hi there
>>>
>>
>>
>>> I´m trying to set up squid whit authentication, but i would need it
>>> asking the user the credencials.
>>>
>>
>>
>>> Allrdy set up an "squid_ldap_auth" but a login prompt comes, every time.
>>>
>>
>>
>>> trying now with "squid_ldap_group", but still nothing, from the Unix
>>> prompt i can authenticate a user whit some filter. where some info :
>>>
>>
>>
>>> Squid.conf
>>> -------
>>> *external_acl_type InetGroup %LOGIN
>>> /usr/local/libexec/squid/squid_ldap_group -R -b "dc=pnp,dc=com" -f
>>> "(&(uid=%u)(gidNumber=%g)(homePhone=1))" -v 3
>>>
>>
>>
>>> acl InetAccess external InetGroup 513
>>> http_access allow InetAccess
>>> -------
>>> *Ldap info
>>> -----
>>> ldapsearch -vLx -b "dc=pnp,dc=com" "(uid=duarte)"
>>>
>>
>>
>>> result :
>>> # duarte, Users, pnp.com
>>> dn: uid=duarte,ou=Users,dc=pnp,dc=com
>>> objectClass: top
>>> objectClass: person
>>> ...
>>>
>>
>>
>>> sn: duarte
>>> givenName: duarte
>>> uid: duarte
>>> uidNumber: 1002
>>> gidNumber: 513
>>> ...
>>>
>>
>>
>>> # numResponses: 2
>>> # numEntries: 1
>>> ------
>>> From the prompt on Unix :
>>> /usr/local/libexec/squid/squid_ldap_group -R -b "dc=pnp,dc=com" -f
>>> "(&(uid=%u)(gidNumber=%g))" -v 3
>>> duarte 513
>>> OK
>>>
>>
>>
>>
>>> so my question is.. whit the browser not authenticating whit squid ?
>>>
>>
>>
>>> Thanks in advance.
>>>
>>
>>
>>
>>
>>
>>
>>
>>
>>

-- 
Best regards,
 Sergey                            mailto:ksa@uaic.net
Received on Thu May 10 2007 - 05:14:34 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Jun 01 2007 - 12:00:04 MDT