Hi,
I'm running Squid 2.6.STABLE12 on a sles10 with a Novell Backend.
I have a script (IPUser) for a type of single sign-on with the novellsystem.
This script uses the ip-address to get the user which is logged in at
this address.
In combination with speedcheck for the delay pools which uses the login
of the user i have a problem.
The problem is that the script for the single sign-on didn't seem to set
the %LOGIN variable.
Because of that, speedcheck initiate a normale authentification with the
user, using the program defined inauth_param program and by making that
disable the single sign-on.
To leave the speedcheck out of the http_access would disable the
delaypools because of the fastlookup on the delay pool acl.
That means that i ether have the delay pools running or the single sign-on.
Has anybody a idea to get both running?
Thanks in advance
parts of the squid.conf:
external_acl_type IPUser ttl=10 %SRC /usr/sbin/squid_auth.pl
external_acl_type speedcheck2 %LOGIN /usr/bin/java -jar
/opt/proxy/user.jar 2
auth_param basic program /usr/sbin/squid_ldap_auth -u cn -b o=Edu -H
ldaps://192.168.148.10 -f "(&(objectclass=user)(cn=%s))" -v 3
acl speed2 external speedcheck2
acl auth proxy_auth REQUIRED
acl ipuser external IPUser
http_access deny ipuser !ipuser
http_access deny speedcheck2 !speedcheck2
http_access allow auth
http_access deny all
delay_pools 1
delay_class 1 2
delay_access 1 allow speed2
delay_access 1 deny all
delay_parameters 1 -1/-1 64000/64000
Received on Tue Sep 04 2007 - 07:30:39 MDT
This archive was generated by hypermail pre-2.1.9 : Mon Oct 01 2007 - 12:00:02 MDT