[squid-users] Authentication pass-through cache_peer

Eduardo Carneiro eduardoocarneiro at gmail.com
Thu Nov 24 13:04:00 UTC 2016

Hi Amos,

I'm still trying to configure login pass-through. Now, I'm using negotiate /
kerberos. On the frontend machine, I enabled login = PASSTHRU in the
cache_peer configuration line. As previously stated, the authentication is
present only on the parent machine.

The cache.log of my parent machine show this:

2016/11/24 09:51:13 kid1 | ERROR: Negotiate Authentication validating user.
Result: {result = BH, notes = {message: gss_accept_sec_context () failed:
Unspecified GSS failure. Minor code may provide more information. Can not
decrypt ticket for HTTP/frontend.domain.com at DOMAIN.COM using keytab key for
HTTP/parent.domain.com at DOMAIN.COM; }}

If I use the parent machine as a frontend machine, it works perfectly
including the authentication. But, when I enable the cache_peer ...
login=PASSTHRU, the error above happen.

Someone knows how to solve that?

View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Authentication-pass-through-cache-peer-tp4680587p4680647.html
Sent from the Squid - Users mailing list archive at Nabble.com.

More information about the squid-users mailing list