[squid-users] Repeated authentication attempts on Squid 2.5.STABLE13 using pam_auth

From: Murthy Raju <mrkmurthyraju@dont-contact.us>
Date: Tue, 28 Mar 2006 08:26:49 +0100 (BST)

Hi,

I have Squid 2.5STABLE13 running on redhat 7.3. I am
using pam_auth and noticed the following behavior:

When a user enters incorrect credentials, access is
denied, which is as expected. But I find in cache.log
(using debug mode) that squid is making requestes to
the authenticator repeatedly even after the user has
given up. This also results in repeated authentication
failure messages in syslog. Some times, I see
thousands of such messages in the syslog generated. I
have verified that these authentication requests are
not from fresh requests to the proxy.

Here are some sample entries in my syslog:

Mar 28 11:01:06 intranet squid(pam_unix)[29855]:
authentication failure; logname= uid=23 euid=23 tty=
ruser= rhost= user=someusername

Mar 28 11:45:44 intranet squid(pam_unix)[30990]: bad
username [@^F;]
Mar 28 11:45:58 intranet last message repeated 25
times

 Mar 28 11:46:01 intranet squid(pam_unix)[30990]:
authentication failure; logname= uid=23 euid=0 tty=
ruser= rhost= user=someotheruser

I searched in the FAQ and archives and could not find
any mention of this problem. Can anyone help me
understand the reason for the repeated messages? Also
what is the difference between "bad username" and
"authentication failure"?

Regards
Murthy Raju

                
__________________________________________________________
Yahoo! India Matrimony: Find your partner now. Go to http://yahoo.shaadi.com
Received on Tue Mar 28 2006 - 00:26:58 MST

This archive was generated by hypermail pre-2.1.9 : Sat Apr 01 2006 - 12:00:04 MST