On tor, 2008-06-19 at 15:49 -0430, Edward Ortega wrote:
> Hi!
>
> I've a problem with authentication ldap on squid3 using digest, i'm
> using Squid Cache: Version 3.0.PRE5 on Debian ia64 :
>
> # /usr/lib/squid3/digest_ldap_auth -v 3 -b 'dc=something,dc=com' -F
> '(&(objectclass=posixAccount)(uid=%s))' -H 'ldap://ldap' -A
> 'userPassword' -l -e -d
> someuser somepassword
> ERR
>
> Any help would be appreciated, thanks!
Digest helpers expect a different input.
"username":"realm"<enter>
(with the quotes)
Additionally userPassword is usually write-only in most LDAP trees for
security reasons, and practically never contains a Digest H(A1) hash (-e
option).
The job of a digest helper is to return the Digest H(A1) hash for a
given username + realm combination. This can be based on either
plaintext passwords or precalculated digest H(A1) hashes stored in the
backend..
H(A1) is MD5(username + ":" + realm + ":" + password)
Regards
Henrik
This archive was generated by hypermail 2.2.0 : Fri Jun 20 2008 - 12:00:04 MDT