[squid-users] squid-3.3.8-26.el7_2.4.x86_64 using Novell eDirectory with /usr/lib64/squid/digest_edirectory_auth

Amos Jeffries squid3 at treenet.co.nz
Tue Dec 13 03:24:44 UTC 2016


On 13/12/2016 3:13 a.m., Eliezer Croitoru wrote:
> Hey,
> 
> digest_edirectory_auth is not for LDAP but for edirectory but I a not too familiar with this to tell you how to test.

Uhm, wrong there. But a common mistake.
 LDAP is a *protocol* (like HTTP is a protocol).
 eDirectory is software (like Squid is software).

That helper is for performing Digest authentication with an eDirectory
backend. It uses LDAP to communicate to that eDirectory software.


> Basically you need a  "basic" ldap authentication helper  
> Which the source is: http://bazaar.launchpad.net/~squid/squid/3.5/files/head:/helpers/basic_auth/LDAP/

That helper is for performing Basic authentication with *any* backend
that speaks LDAP protocol.


> -----Original Message-----
> From: squid-users On Behalf Of bjoern wahl
> 
> Hello!
> 
> I would like to install a squid-3.3.8-26.el7_2.4.x86_64 (CentOS7) using LDAP auth with digest_edirectory_auth, but i can not get it working.
> 
> Does anybody user this ?
> 
> I tried:
> 
> 
> /usr/lib64/squid/digest_edirectory_auth -A password -l : -e -v 3 -D "cn=xxxx,o=xxxxx" -b "o=xxxxx" -w xxxx -b o=xxxx -s sub -F "(&(objectclass=User)(cn=%s))" -Z -h ldaps://xxxxxx -n
> 

-h parameter takes a hostname,  "ldaps://" is a URI.

> but i only get:
> 
> 
> user1 pw1
> ERR
> user2 pw2
> ERR
> user3 pw3
> ERR 
> 
> Any ideas ?

Those test lines are Basic auth inputs.

Use Digest auth inputs for testing Digest helpers.
<http://wiki.squid-cache.org/Features/AddonHelpers#Digest_Scheme>


Amos



More information about the squid-users mailing list