Re: [squid-users] Squid Authentication + ldap/samba

From: Duarte Lázaro <duarte.lazaro@dont-contact.us>
Date: Thu, 10 May 2007 12:30:40 +0100

Ok, i think i´m not explaining so good.

I have allready squid authentication, what i need is that the browser
does not show the prompt just get the credencials whitout prompting the
user, for example me user is part of a domain só thé get the user from
the computer and the user would not have the need to type it, is there
any way ?

Sergey A. Kobzar wrote:
> Hello Duarte,
>
> Thursday, May 10, 2007, 2:09:05 PM, you wrote:
>
>
>> Hi,
>>
>
>
>> i really wanna is to authenticated on ldap, but the browser not to show
>> a pop-up,
>> it's possible? samba ( maybe ntlm ?)
>>
>
> I gave you working configuration. Just forgot about -v 3 option. :)
>
>
>> what does the [skipped], does ?
>>
>
> Line from standard Squid's config.
>
> Show
> tail -f /path/to/squid.conf
> tail -f /path/to/slapd.conf
>
> ?
>
>
>> thanks
>>
>
>
>> Sergey A. Kobzar wrote:
>>
>>> Hello Duarte,
>>>
>>> If you want authenticate users from LDAP only, this configuration is
>>> enough:
>>>
>>> auth_param basic program /usr/local/libexec/squid/squid_ldap_auth -b "ou=People,dc=test,dc=com" ldap.test.com
>>> auth_param basic children 5
>>> auth_param basic realm Squid proxy-caching web server
>>> [skipped]
>>> acl ldap_users proxy_auth REQUIRED
>>> [skipped]
>>> http_access allow ldap_users
>>>
>>>
>>> Thursday, May 10, 2007, 1:17:34 PM, you wrote:
>>>
>>>
>>>
>>>> Hi there
>>>>
>>>>
>>>
>>>
>>>> I´m trying to set up squid whit authentication, but i would need it
>>>> asking the user the credencials.
>>>>
>>>>
>>>
>>>
>>>> Allrdy set up an "squid_ldap_auth" but a login prompt comes, every time.
>>>>
>>>>
>>>
>>>
>>>> trying now with "squid_ldap_group", but still nothing, from the Unix
>>>> prompt i can authenticate a user whit some filter. where some info :
>>>>
>>>>
>>>
>>>
>>>> Squid.conf
>>>> -------
>>>> *external_acl_type InetGroup %LOGIN
>>>> /usr/local/libexec/squid/squid_ldap_group -R -b "dc=pnp,dc=com" -f
>>>> "(&(uid=%u)(gidNumber=%g)(homePhone=1))" -v 3
>>>>
>>>>
>>>
>>>
>>>> acl InetAccess external InetGroup 513
>>>> http_access allow InetAccess
>>>> -------
>>>> *Ldap info
>>>> -----
>>>> ldapsearch -vLx -b "dc=pnp,dc=com" "(uid=duarte)"
>>>>
>>>>
>>>
>>>
>>>> result :
>>>> # duarte, Users, pnp.com
>>>> dn: uid=duarte,ou=Users,dc=pnp,dc=com
>>>> objectClass: top
>>>> objectClass: person
>>>> ...
>>>>
>>>>
>>>
>>>
>>>> sn: duarte
>>>> givenName: duarte
>>>> uid: duarte
>>>> uidNumber: 1002
>>>> gidNumber: 513
>>>> ...
>>>>
>>>>
>>>
>>>
>>>> # numResponses: 2
>>>> # numEntries: 1
>>>> ------
>>>> From the prompt on Unix :
>>>> /usr/local/libexec/squid/squid_ldap_group -R -b "dc=pnp,dc=com" -f
>>>> "(&(uid=%u)(gidNumber=%g))" -v 3
>>>> duarte 513
>>>> OK
>>>>
>>>>
>>>
>>>
>>>> so my question is.. whit the browser not authenticating whit squid ?
>>>>
>>>>
>>>
>>>
>>>> Thanks in advance.
>>>>
>>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>
>
>
>
Received on Thu May 10 2007 - 05:32:23 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Jun 01 2007 - 12:00:04 MDT