I am having a problem with Ldap Auth/Squid. certain restricted users
being prompted multiple times for auth even though it should be
cached.
This behaviour happens with a site such as
http://www.euroinvestor.co.uk/
many others as well. It prompts them for the initial webpage then
various ad's on the page as well.
This also did not happen in squid2.5.6 but happens constantly in
squid2.6.14 or squid2.6.16, i am guessing its some ldap config setting
but who knows.
Config info etc:
Squid Cache: Version 2.6.STABLE16
configure options: '--prefix=/usr/local/squid2.6.16'
'--enable-basic-auth-helpers=LDAP'
'--enable-external-acl-helpers=ldap_group' '--enable-storeio=aufs,ufs
entries in squid.conf:
auth_param basic program /usr/local/squid2.6.16/libexec/squid_ldap_auth
-d -P -b o=businesswire.com -h servername.businesswire.com -f (uid=%s)
auth_param basic children 15
auth_param basic realm Business Wire Internet logon - Use InsideTrak
username and password to log on
auth_param basic credentialsttl 1 minute
auth_param basic casesensitive off
external_acl_type sfapp2ldapgroup %LOGIN
/usr/local/squid2.6.16/libexec/squid_ldap_group -d -b
"cn=Organization,cn=Businessw
ire Employees,o=businesswire.com" -f (&(cn=%a)(uniquemember=uid=%v*))
-h sfapp2.businesswire.com
Or maybe it's an ACL thing but cant figure out why it worked in
squid2.5.6 but not in 2.6.16 with the same squid.conf config paramters.
Debugging is on in the logs and login activity is shown.
Thanks
Received on Wed Sep 19 2007 - 13:42:34 MDT
This archive was generated by hypermail pre-2.1.9 : Mon Oct 01 2007 - 12:00:02 MDT