RE: [squid-users] LDAP Authentication with Umlauts

From: Henrik Nordstrom <>
Date: Mon, 07 Jul 2008 13:56:49 +0200

On fre, 2008-07-04 at 10:30 +0200, Henrik Nordstrom wrote:
> On tor, 2008-07-03 at 12:39 +0200, wrote:
> > Hi,
> >
> > I also had problems with umlauts. We use our Lotus Domino Server as LDAP
> > server and since an update from version 6.5 to 8, our users are unable to
> > authenticate via IE or Firefox if their password contains umlauts.
> > We are running squid on BSD and Linux and on both system you are able to
> > authenticate using squid_ldap_auth on command line.
> > I figured out that if you use the command line (set to utf-8) the utf-8
> > code will be send and if you try to use IE or Firefox the ASCII code will
> > be send.
> > So I wrote a small work around by adding a new function
> > rfc1738_unescape_with_utf to squid_ldap_auth.c. The base content is the
> > original function rfc1738_unescape, but I added a switch statement to
> > change the character representation from ascii to utf-8 (see code for
> > german special chars below).
> Can you try the attached patch instead? It tries to address the problem
> in a generic manner.

After thinking this over a bit more your approach of translating to utf8
at input is better. But even better is to do it in Squid before the
request is sent instead of each helper..

I have now committed a change adding generic UTF-8 transpation to
Squid-2 & 3, adding an auth_param basic utf8 parameter to enable UTF-8
translation of usernames & passwords.


Received on Mon Jul 07 2008 - 11:56:53 MDT

This archive was generated by hypermail 2.2.0 : Mon Jul 07 2008 - 12:00:04 MDT