[squid-users] Re: Problem with SQUID_KERB_LDAP

At this time i try to exclude "LDAP authorization" problem from whole process
and comment this sting in squid.conf (come back to this when athentication
issue will be solved)

And the main problem is authentication problem with squid_kerb_auth helper.
Here cache.log file piece where the probkem is seen.

2010/10/25 14:43:36.306| ACLChecklist::preCheck: 0x85a1e50 checking
'http_access allow auth'
2010/10/25 14:43:36.306| ACLList::matches: checking auth
2010/10/25 14:43:36.306| ACL::checklistMatches: checking 'auth'
2010/10/25 14:43:36.307| authenticateAuthenticate: no connection
authentication type
2010/10/25 14:43:36.307| Acl.cc(65) AuthenticateAcl: returning 0 sending
credentials to helper.
2010/10/25 14:43:36.307| ACL::ChecklistMatches: result for 'auth' is 0
2010/10/25 14:43:36.307| ACLList::matches: result is false
2010/10/25 14:43:36.307| aclmatchAclList: 0x85a1e50 returning false (AND
list entry failed to match)
2010/10/25 14:43:36.307| ACLChecklist::asyncInProgress: 0x85a1e50 async set
to 1
2010/10/25 14:43:36.307| ACLChecklist::checkForAsync: checking password via
authenticator
2010/10/25 14:43:36.307| aclmatchAclList: async=1 nodeMatched=0
async_in_progress=1 lastACLResult() = 0 finished() = 0
2010/10/25 14:43:36.307| clientReadSomeData: FD 11: reading request...
2010/10/25 14:43:36| squid_kerb_auth: DEBUG: Got 'YR
YIIGZgYGKwYBBQUCoIIGWjCCBlagMDAuBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKwYBBAGCNwICHgY
.
.
/3uRdUzk6z+y3XhEBX19jNqd5CBe72CHRAh5CBC4GPkSyzbjWql5x9kfsBnoEK8Gc5VDXQPAVfAg=
=' from squid (length: 2195).
2010/10/25 14:43:36| squid_kerb_auth: DEBUG: Decode
'YIIGZgYGKwYBBQUCoIIGWjCCBlagMDAuBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKwYBBAGCNwICHgY
.
.
fpGHRVhvZk/kda8Vtvd618615TAA7y7E7ZN3DeUAEVD+fRErTlSbBlY/3uRdUzk6z+y3XhEBX19jNqd5CBe72CHRAh5CBC4GPkSyzbjWql5x9kfsBnoEK8Gc5VDXQPAVfAg=
=' (decoded length: 1642).
2010/10/25 14:43:36| squid_kerb_auth: ERROR: gss_acquire_cred() failed:
Unspecified GSS failure. Minor code may provide more inform
ation. Permission denied
2010/10/25 14:43:36.308| commio_finish_callback: called for FD 10 (0, 0)
2010/10/25 14:43:36.308| comm_read_try: FD 10, size 8191, retval 115, errno
0
2010/10/25 14:43:36.308| commio_finish_callback: called for FD 10 (0, 0)
2010/10/25 14:43:36.308| comm.cc(165) will call SomeCommReadHandler(FD 10,
data=0x83aaf78, size=115, buf=0x83ab188) [call48]
2010/10/25 14:43:36.308| entering SomeCommReadHandler(FD 10, data=0x83aaf78,
size=115, buf=0x83ab188)
2010/10/25 14:43:36.308| AsyncCall.cc(32) make: make call
SomeCommReadHandler [call48]
2010/10/25 14:43:36.308| helperStatefulHandleRead: end of reply found
2010/10/25 14:43:36.308| helper.cc(375) helperStatefulReleaseServer: srv-0
flags.reserved = 1
2010/10/25 14:43:36.308| authenticateNegotiateHandleReply: Error validating
user via Negotiate. Error returned 'BH gss_acquire_cred(
) failed: Unspecified GSS failure. Minor code may provide more information.
Permission denied'

Got and Decode strings are cuted.

-- 
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Problem-with-SQUID-KERB-LDAP-tp1468788p3010200.html
Sent from the Squid - Users mailing list archive at Nabble.com.