[squid-users] Using LDAP authentication only on one cache_peer in Squid 3 STABLE 16

From: Eric Van Steenbergen <evan_at_tradisa.com>
Date: Tue, 24 Nov 2009 06:39:24 +0100

Hello all,

I'm trying to configure Squid to ask for authentication using LDAP but
ONLY on one cache_peer. Before I had it activated on all servers and
it worked perfectly. All the other webservers however have their own
authentication except this wiki.

This is what I have in my squid.conf in regards to this particular site.
Code:

cache_peer 172.25.XXX.XXX parent 80 0 no-query originserver name=wiki

acl site_wiki dstdomain wiki.tradisa.com
cache_peer_access wiki allow site_wiki
auth_param basic program /lib/squid3/squid_ldap_auth -R -b
"dc=domain,dc=es" -D "cn=squid,cn=Users,dc=domain,dc=es" -w "ldapuser"
-f sAMAccountName=%s -h 172.25.XXX.XXX

auth_param basic children 1
auth_param basic credentialsttl 5 minutes
cache_peer_access wiki deny all
acl wiki_users proxy_auth REQUIRED
cache_peer_access wiki allow wiki_users

http_access allow wiki_users

http_access deny all

however I go straight to the website without it asking for
authentication. If I put in the http_access rules as at the end of the
'code' part then authentication gets asked for all the sites. How
would I go about just configuring this one server so that it asks for
authentication?

LDAP authentication is working perfectly, it's just an error in my
definition as stated above. I'm missing something but I cannot see it.
Of course IPs and names have been changed before posting.

All help is greatly appreciated.

Kind regards,

Eric
Received on Tue Nov 24 2009 - 05:39:32 MST

This archive was generated by hypermail 2.2.0 : Tue Nov 24 2009 - 12:00:04 MST