Re: [squid-users] Squid AD login problem and squid 3.2.1 on RHEL6 from Nicole Hähnel on 2012-09-18 (squid-users)

From: Nicole Hähnel <ml_at_nicole-haehnel.de>
Date: Tue, 18 Sep 2012 15:03:59 +0200

Am 25.07.2012 12:40, schrieb Amos Jeffries:
> On 25/07/2012 2:01 p.m., Eliezer Croitoru wrote:
>> On 7/24/2012 4:13 PM, Nicole Hähnel wrote:
>>> Hi,
>>>
>>> recently we are using Squid 3.1.20 on SLES11 SP1 to control the
>>> webaccess in our Microsoft AD network.
>>> There are some internal microsoft based websites like Sharepoint for
>>> instance.
>>> Without squid we can open these websites without renewed authentication
>>> to the browser.
>>> With squid (wpad file) we get a login box, but in spite of the right
>>> credentials we won't be logged in.
>>> All computers are authenticated to the AD, so squid has to pass through
>>> the kerberos certificate.
>>>
>>> Are there any hints on that?
>>>
>>> Thanks!
>>>
>>> Kind regards,
>>> Nicole
>>>
>> what is the content of the WPAD script?
>> the access to the sharepoint and other internal server are through
>> the squid server at all?
>> do you see anything logged in the access.log file when you are trying
>> to access the sharepoint page?
>>
>> Eliezer
>>
>
> Sharepoint is on my little list of MS software which breaks HTTP when
> faced with Squid-3.1 slightly unique combination of HTTP/1.0 to
> clients and HTTP/1.1 to servers. It seems to have some keep-alive
> issues with Squid.
>
> The workaround is to use Squid-3.2 where more of HTTP/1.1 is
> supported. Meanwhile, I'm looking for someone to help design and run a
> permutation series of test cases on Squid to ensure it emits the
> correct keep-alive/close value in both directions.
>
> Amos
>

Hi,

sorry for the very late response.
Trying to build a working squid 3.2.1 rpm for rhel6.

Starting squid with -Nd6 gives after a few seconds or minutes:
2012/09/18 09:37:09.687| The AsyncCall
HttpStateData::httpStateConnClosed constructed, this=0x47ceba0 [call5077]
2012/09/18 09:37:09.785| AsyncCall.cc(52) cancel: will not call
HttpStateData::httpStateConnClosed [call4920] because
comm_remove_close_handler
2012/09/18 09:37:09.799| The AsyncCall
HttpStateData::httpStateConnClosed constructed, this=0x487ce00 [call5109]
2012/09/18 09:37:09.799| assertion failed: comm.cc:1833:
"!commHasHalfClosedMonitor(fd)"
Abgebrochen (Speicherabzug geschrieben)

While squid 3.2 is running, the login box does not come up. But squid
crashes to fast to make some more tests over minutes.
Any experiences with squid 3.2.1 on rhel6?

Thanks!

Kind regards,
Nicole
Received on Tue Sep 18 2012 - 13:04:03 MDT

This archive was generated by hypermail 2.2.0 : Tue Sep 18 2012 - 12:00:03 MDT