[squid-users] Digest Problem

From: FredB <fredbmail_at_free.fr>
Date: Wed, 14 Mar 2012 10:11:58 +0100 (CET)

Hi,

I'm trying ldap and digest with squid 3.2.0.16, the authentication seems works, but unfortunately I can only navigate just one time

1) squid start

2) Open firefox, first cnx deny -> normal
192.168.80.194 - - [14/Mar/2012:09:54:40 +0100] "GET http://www.google.fr/ HTTP/1.1" 407 1861 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.19) Gecko/2010091807 Iceweasel/3.0.6 (Debian-3.0.6-3)" TCP_DENIED:HIER_NONE

3) Ident ok with user ftest
192.168.80.194 - ftest [14/Mar/2012:09:54:51 +0100] "GET http://www.google.fr/ HTTP/1.1" 200 22083 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.19) Gecko/2010091807 Iceweasel/3.0.6 (Debian-3.0.6-3)" TCP_MISS:HIER_DIRECT

4) Refresh or get another website -> deny
192.168.80.194 - - [14/Mar/2012:09:54:51 +0100] "GET http://www.google.fr/images/icons/product/chrome-48.png HTTP/1.1" 403 1742 "http://www.google.fr/" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.19) Gecko/2010091807 Iceweasel/3.0.6 (Debian-3.0.6-3)" TCP_DENIED:HIER_NONE
192.168.80.194 - - [14/Mar/2012:09:54:51 +0100] "GET http://www.google.fr/logos/2012/yoshizawa12-hp.jpg HTTP/1.1" 403 1742 "http://www.google.fr/" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.19) Gecko/2010091807 Iceweasel/3.0.6 (Debian-3.0.6-3)" TCP_DENIED:HIER_NONE
192.168.80.194 - - [14/Mar/2012:09:54:51 +0100] "GET http://www.google.fr/images/modules/buttons/g-button-chocobo-basic-1.gif HTTP/1.1" 403 1742 "http://www.google.fr/" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.19) Gecko/2010091807 Iceweasel/3.0.6 (Debian-3.0.6-3)" TCP_DENIED:HIER_NONE
192.168.80.194 - - [14/Mar/2012:09:54:51 +0100] "GET http://www.google.fr/images/modules/buttons/g-button-chocobo-basic-2.gif HTTP/1.1" 403 1742 "http://www.google.fr/" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.19) Gecko/2010091807 Iceweasel/3.0.6 (Debian-3.0.6-3)" TCP_DENIED:HIER_NONE
192.168.80.194 - - [14/Mar/2012:09:54:51 +0100] "GET http://www.google.fr/extern_js/f/CgJmchICZnIrMEU4ACwrMFo4ACwrMA44ACwrMBc4ACwrMDw4ACwrMFE4ACwrMFk4ACwrMAo4AJoCAmNjLCswmAE4ACwrMBY4ACwrMBk4ACwrMCs4AJoCC2pzX3JlZGlyZWN0LCswQTgALCswTTgALCswTjgALCswUzgALCswVDgALCswaTgALCswkAE4ACwrMJIBOAAsKzCXATgALCswowE4ACwrMKcBOAAsKzDVATgALCsw2AE4ACwrMB04ACwrMFw4ACwrMBg4ACwrMCY4ACyAAmiQAms/VOQ9j5h6dbo.js HTTP/1.1" 403 1742 "http://www.google.fr/" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.19) Gecko/2010091807 Iceweasel/3.0.6 (Debian-3.0.6-3)" TCP_DENIED:HIER_NONE
192.168.80.194 - - [14/Mar/2012:09:54:52 +0100] "GET http://www.google.fr/images/nav_logo104.png HTTP/1.1" 403 1742 "http://www.google.fr/" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.19) Gecko/2010091807 Iceweasel/3.0.6 (Debian-3.0.6-3)" TCP_DENIED:HIER_NONE
192.168.80.194 - - [14/Mar/2012:09:54:52 +0100] "GET http://www.google.fr/favicon.ico HTTP/1.1" 403 1742 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.19) Gecko/2010091807 Iceweasel/3.0.6 (Debian-3.0.6-3)" TCP_DENIED:HIER_NONE
192.168.80.194 - - [14/Mar/2012:09:54:52 +0100] "GET http://ssl.gstatic.com/gb/js/sem_24f279c41cbdb53cb15432c98ed5fee2.js HTTP/1.1" 403 1742 "http://www.google.fr/" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.19) Gecko/2010091807 Iceweasel/3.0.6 (Debian-3.0.6-3)" TCP_DENIED:HIER_NONE
192.168.80.194 - - [14/Mar/2012:09:54:54 +0100] "GET http://www.google.fr/ HTTP/1.1" 403 1742 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.19) Gecko/2010091807 Iceweasel/3.0.6 (Debian-3.0.6-3)" TCP_DENIED:HIER_NONE

It's ok only for the first request, for example if my first page is www.squid-cache.org I get only the html page without css or pictures

Squid.conf:

auth_param digest program /usr/lib/squid/digest_ldap_auth -b ou=People,dc=ldap,dc=test -h 127.0.0.1:389 -A "description" -l: -e -u "uid"

auth_param digest realm PROXY
auth_param digest children 10

Thanks
Received on Wed Mar 14 2012 - 09:12:18 MDT

This archive was generated by hypermail 2.2.0 : Thu Mar 15 2012 - 12:00:02 MDT