[squid-users] [SOLVED] Re: Using group names that include white spaces with external auth from Jose Ildefonso Camargo Tolosa on 2008-06-22 (squid-users)

From: Jose Ildefonso Camargo Tolosa <ildefonso.camargo_at_gmail.com>
Date: Mon, 23 Jun 2008 21:27:27 +1930

Hi!

So, I got the answer..... duh.... include the group name from a file, like this:

acl group_name external ldap_group "/path/to/file"

and in the file, the group name.

I still don't understand why does the %20 doesn't work, but there is
this workaround.

Thanks!

Ildefonso.

On Sat, Jun 21, 2008 at 7:22 PM, Jose Ildefonso Camargo Tolosa
<ildefonso.camargo_at_gmail.com> wrote:
> Hi!
>
> I'm trying to use group names that include white spaces (such as
> "Group Name") with external auths.
>
> I got some ACLs defined like this:
>
> external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -W
> /etc/squid/squid_ldap.secret -D "cn=Manager,dc=test,dc=local" -b
> "ou=Internet,ou=Groups,dc=test,dc=local" -f
> "(&(objectclass=posixGroup)(cn=%g)(memberUid=%u))" -h 127.0.0.1 -P -v
> 3 -B "ou=People,ou=Users,dc=test,dc=local"
>
> acl group_name external ldap_group Group%20Name
> acl anotheracl external ldap_group anothergroup
>
> http_access allow group_name
> http_access allow anotheracl
> http_access deny all
>
> It actually works for anotheracl (which doesn't have white spaces) ,
> but it doesn't for group_name. The problem: the white space.
>
> If I get that string and feed that directly to the squid_ldap program,
> it works!, I tried this:
>
> run:
> /usr/lib/squid/squid_ldap_group -W /etc/squid/squid_ldap.secret -D
> "cn=Manager,dc=test,dc=local" -b
> "ou=Internet,ou=Groups,dc=test,dc=local" -f
> "(&(objectclass=posixGroup)(cn=%g)(memberUid=%u))" -h 127.0.0.1 -P -v
> 3 -B "ou=People,ou=Users,dc=test,dc=local"
>
> type:
> user1 Group%20Name
> and it answered:
> OK
>
> off course, user1 is a member of "Group Name"
>
> So, the %20 trick should work, but then.... from the squid.conf , it doesn't.
>
> I also tried these variations without success:
> acl group_name external ldap_group Group Name
> acl group_name external ldap_group Group\ Name
> acl group_name external ldap_group "Group Name"
> acl group_name external ldap_group Group%%20Name
> acl group_name external ldap_group Group\%20Name
>
> Any ideas?
>
> Thanks in advance,
>
> Ildefonso Camargo
>
Received on Mon Jun 23 2008 - 01:57:32 MDT

This archive was generated by hypermail 2.2.0 : Mon Jun 23 2008 - 12:00:05 MDT