[squid-users] Kerberos issues on 4.1
Victor Sudakov
sudakov at sibptus.tomsk.ru
Tue Jul 17 02:20:16 UTC 2018
Dear Colleagues,
After upgrading to Squid 4.1 (from FreeBSD ports) I started having problems
with Kerberos authentication.
A user complained about being denied access. The strange things are that:
1. There was only one such user, others seemed to be authenticating
properly (or just did not complain).
2. The user seemed authenticated but still was denied (!), a sample access.log entry:
1531737712.384 7 212.73.124.190 TCP_DENIED/403 9976 GET http://yandex.ru/zzzzzzzzzzzz user at REA.LM HIER_NONE/- text/html
The user tried different browsers on different hosts, with the same result.
After downgrading to Squid 3.5.27 all went well again.
Sorry I cannot provide more debugging info at present, I had to
downgrade my two production Squids ASAP.
Was there any major change between Squid 3 and 4 in the way
Negotiate/Kerberos works?
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
AS43859
More information about the squid-users
mailing list