Re: [squid-users] Digest Ldap Authentication got failed for some user accounts from Amos Jeffries on 2009-10-13 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Wed, 14 Oct 2009 13:56:19 +1300

On Tue, 13 Oct 2009 21:14:52 +0200, Henrik Nordstrom
<henrik_at_henriknordstrom.net> wrote:
> I think you have encountered some internal bug. Please file a bug report
> at http://bugs.squid-cache.org/
>

Please verify it remains a problem in the latest 3.0.STABLE* first though.

Amos

>
> mån 2009-10-12 klockan 20:13 +0530 skrev sankar m:
>> Dear Sir,
>>
>> On Mon, Oct 12, 2009 at 7:51 PM, Henrik Nordstrom
>> <henrik_at_henriknordstrom.net> wrote:
>> > Which Squid version?
>> >
>>
>> Squid 3.0 STABLE 15.
>>
>> System kernel and architecture:
>> 2.6.18-6-amd64 #1 SMP Fri Dec 12 05:49:32 UTC 2008 x86_64 GNU/Linux
>>
>> > mån 2009-10-12 klockan 10:20 +0530 skrev sankar m:
>> >> Dear Sir,
>> >>
>> >> Here are some additional details that may help.
>> >>
>> >> Unique authenticated users per proxy : 315 users/day
>> >> Proxy utilization per day : 20 GB per day
>> >> Squid Disk cache : Disabled
>> >>
>> >> System memory and load status:
>> >>
>> >> Mem: 8183880k total, 5938872k used, 2245008k free, 524284k
>> >> buffers
>> >> load average: 0.76, 0.65, 0.64
>> >>
>> >> System Processor : Intel(R) Xeon(R) CPU 2.83GHz Quad-Core
>> >> System Memory : 8 GB
>> >>
>> >> Please ask me for any additional information if required.
>> >>
>> >> Regards,
>> >> Sankar.M
>> >>
>> >> Squid configured with,
>> >>
>> >> # ./configure --prefix=/usr/local/squid
>> >> --localstatedir=/var/logs/squid --exec-prefix=/usr/local/squid
>> >> --enable-linux-netfilter --disable-ident-lookups
>> >> --with-filedescriptors=8192 --enable-snmp --enable-delay-pools
>> >> --enable-cache-digests --enable-poll --enable-truncate
>> >> --enable-removal-policies --enable-auth="basic digest"
>> >> --enable-auth-basic-helpers=squid_radius_auth
>> >> --enable-digest-auth-helpers=ldap
>> >>
>> >>
>> >> On 10/11/09, Henrik Nordstrom <henrik_at_henriknordstrom.net> wrote:
>> >> > lör 2009-10-10 klockan 20:23 +0530 skrev sankar m:
>> >> >
>> >> >> I'm using "digest_ldap_auth" with "Open Ldap" combination for
>> >> >> Digest
>> >> >> Authentication. It works well, but some users got authentication
>> >> >> failed. I'm able to get the valid hash from the LDAP server
through
>> >> >> the command line,
>> >> >
>> >> > Do these users have any "odd" characters in their password? Digest
>> >> > unfortunately only works reliably for us-ascii characters.
>> >> >
>> >> >> Note that I'm running FIVE squid servers. I successfully
>> >> >> authenticated
>> >> >> with 2nd proxy server using the same user account which got
failed
>> >> >> with the first proxy server. Squid returning the TCP_DENIED/407
>> >> >> response to the client. Same userid is working when I do restart
>> >> >> squid
>> >> >> (even reconfigure doesn't help), but I feel it is never be a
right
>> >> >> way. After the successful restart, some other accounts are not
>> >> >> working.
>> >> >
>> >> > Which Squid version?
>> >> >
>> >> > Regards
>> >> > Henrik
>> >> >
>> >> >
>> >
>> >
Received on Wed Oct 14 2009 - 00:56:44 MDT

This archive was generated by hypermail 2.2.0 : Wed Oct 14 2009 - 12:00:02 MDT