[squid-users] Re: Kerberos set-up is problematic

Update:

First a correction, it should've been "I know this information seems
rather limited"instead of "I know this information see".

I recompiled Squid with just Kerberos and still received the same error.

On Fri, Dec 11, 2009 at 9:58 AM, Robert Schenck <robschenck416_at_gmail.com> wrote:
> Hello,
>
> First: I'm an intern and know little of pretty much everything. Try to
> explain the best you can, please!
>
> I'm trying to set up Kerberos on a Squid proxy server (the server is
> to allow access to ip-based content away from the intranet, so it will
> be something like so: client --> internet --> VPN --> access to
> intranet --> proxy server --> ip-based content).
>
> Unfortunately, every time I connect to the proxy to connect to random
> webpage, I receive the error "Cache Access Denied". According to the
> guy who manages the Kerberos stuff around here, the machine is
> authenticated with Keberos and has a ticket...so apparently it's
> something to do with Squid (but don't necessarily rule out
> Keberos...he may be wrong)?
>
> I set-up Squid using Kerberos (note that prior to the Kerberos
> installation, Squid worked fine)doing exactly what was stated in this
> guide: http://klaubert.wordpress.com/2008/01/09/squid-kerberos-authentication-and-ldap-authorization-in-active-directory/.
> The "Kerberos guy" did the Windows step for me...so there shouldn't be
> any problems there.
>
> As it says in the guide, I did compile Squid with basic
> authentication....but I didn't set it up whatsoever and haven't
> changed any settings relating to it...could this be the culprit,
> perhaps? This actually seems somewhat likely to me because the error
> occurs when I run squid with the start-up script (that includes the
> line: export KRB5_KTNAME=/etc/squid/squid.domain.keytab) and when I
> start squid using the sbin file...(so it shouldn't even be loading the
> keytab file here).
>
> I know this information see
>
Received on Fri Dec 11 2009 - 09:28:24 MST