Hello List,
I have squid authentication problem.
I have this configuration:
Versions: Samba-3 RPM FEDORA
squid-2.5.STABLE4
what i did:
edit smb.conf (with winbind options)
joined domain
net join -U admin
wbinfo -t
checking the trust secret via RPC calls succeeded
I can authenticate a USER to the Domains
a wbinfo -u shows me users and wbinfo -g shows my domain
groups.
Install Squid
./configure --enable-auth=ntlm,basic --enable-delay-pools --enable-snmp \
--enable-useragent-log --prefix=/usr/local/squid --enable-ssl
\ --enable-external-acl-helpers=wbinfo_group
edit squid.conf with:
auth_param ntlm program /usr/lib/squid/wb_ntlmauth
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
auth_param basic program /usr/lib/squid/wb_auth
auth_param basic children 5
auth_param basic realm ChoicePoint Proxy server
auth_param basic credentialsttl 2 hours
Add the following ACL:
acl AuthorizedUsers proxy_auth REQUIRED
Modify your http_access lines to include "AuthorizedUsers"
http_access allow AuthorizedUsers
http_access deny all
I receive username and password menu.
But I can go trough and there isn't any valid uname or password.
The squid debug gives me:
2004/02/03 20:45:31| The request GET http://www.mail.com/ is DENIED,
because it matched 'AuthorizedUsers'
2004/02/03 20:45:31| The request GET http://www.mail.com/ is DENIED,
because it matched 'AuthorizedUsers'
2004/02/03 20:45:31| clientReadRequest: FD 22: no data to process ((11)
Resource temporarily unavailable)
2004/02/03 20:45:31| The request GET http://www.mail.com/ is DENIED,
because it matched 'AuthorizedUsers'
2004/02/03 20:45:46| The request GET http://www.mail.com/ is DENIED,
because it matched 'AuthorizedUsers'
2004/02/03 20:45:46| clientReadRequest: FD 22: no data to process ((11)
Resource temporarily unavailable)
2004/02/03 20:45:46| The request GET http://www.mail.com/ is DENIED,
because it matched 'AuthorizedUsers'
Thank you for help
Received on Wed Feb 04 2004 - 03:59:55 MST
This archive was generated by hypermail pre-2.1.9 : Mon Mar 01 2004 - 12:00:01 MST