[squid-users] SslBumped request: It is an encapsulated request do not authenticate

From: Daniel Niasoff <daniel_at_intelliworkspace.com>
Date: Wed, 21 Aug 2013 01:59:40 +0000

Hi,

We are using Squid with SslBump/

Our users are sporadically getting "access denied" errors so I did a bit of debugging and saw this.

2013/08/21 01:24:49.900 kid1| Acl.cc(336) matches: ACLList::matches: checking authenticated
2013/08/21 01:24:49.900 kid1| Acl.cc(319) checklistMatches: ACL::checklistMatches: checking 'authenticated'
2013/08/21 01:24:49.900 kid1| Acl.cc(28) AuthenticateAcl: SslBumped request: It is an encapsulated request do not authenticate
2013/08/21 01:24:49.900 kid1| UserRequest.cc(93) valid: Validated. Auth::UserRequest '0x7f0ce933b8c0'.
2013/08/21 01:24:49.900 kid1| User.cc(38) authenticated: User not authenticated or credentials need rechecking.

Does this mean it's impossible to authenticate a SslBumped request. What's strange is the access log is showing the request with a username which indicates the request was authenticated!

Also when the user refreshes the problem usually disappears.

Currently the authentication helper was set to 6 minutes (for testing) and I have increased it to 60 minutes.

Any ideas?

Thanks

Daniel
Received on Wed Aug 21 2013 - 01:59:43 MDT

This archive was generated by hypermail 2.2.0 : Wed Aug 21 2013 - 12:00:43 MDT