<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-1">
<p class="MsoNormal"><span style="mso-ansi-language:EN-GB"
lang="EN-GB"><o:p><br>
</o:p></span>
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-1">
</p>
<p class="MsoNormal">
<meta name="ProgId" content="Word.Document">
<meta name="Generator" content="Microsoft Word 11">
<meta name="Originator" content="Microsoft Word 11">
<link rel="File-List"
href="file:///C:%5CUsers%5CINFO-DES%5CAppData%5CLocal%5CTemp%5Cmsohtml1%5C01%5Cclip_filelist.xml">
<!--[if gte mso 9]><xml>
<w:WordDocument>
<w:View>Normal</w:View>
<w:Zoom>0</w:Zoom>
<w:HyphenationZone>21</w:HyphenationZone>
<w:PunctuationKerning/>
<w:ValidateAgainstSchemas/>
<w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
<w:IgnoreMixedContent>false</w:IgnoreMixedContent>
<w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
<w:Compatibility>
<w:BreakWrappedTables/>
<w:SnapToGridInCell/>
<w:WrapTextWithPunct/>
<w:UseAsianBreakRules/>
<w:DontGrowAutofit/>
</w:Compatibility>
<w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLevel>
</w:WordDocument>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:LatentStyles DefLockedState="false" LatentStyleCount="156">
</w:LatentStyles>
</xml><![endif]-->
<style>
<!--
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{mso-style-parent:"";
margin:0cm;
margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:"Times New Roman";
mso-fareast-font-family:"Times New Roman";}
@page Section1
{size:612.0pt 792.0pt;
margin:70.85pt 3.0cm 70.85pt 3.0cm;
mso-header-margin:36.0pt;
mso-footer-margin:36.0pt;
mso-paper-source:0;}
div.Section1
{page:Section1;}
-->
</style><!--[if gte mso 10]>
<style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Tabla normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-parent:"";
mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
mso-para-margin:0cm;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:10.0pt;
font-family:"Times New Roman";
mso-ansi-language:#0400;
mso-fareast-language:#0400;
mso-bidi-language:#0400;}
</style>
<![endif]-->
<p class="MsoNormal"><span style="mso-ansi-language:EN-GB"
lang="EN-GB">I have a Squid
Cache: Version 3.1.19, on Ubuntu 12.04.2 LTS.<o:p></o:p></span>
</p>
<p class="MsoNormal"><span style="mso-ansi-language:EN-GB"
lang="EN-GB">We use external
authentification on ldap repository on a remote machine<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-ansi-language:EN-GB"
lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:8.0pt">#********************************#********************************#********************************<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:8.0pt">#********************************<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:8.0pt">#<span
style="mso-spacerun:yes"> </span>REGLA VALIDACION LDAP<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:8.0pt">#********************************<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:8.0pt">#Esto indica el
numero de
procesos de autentificacion (notienevalorpredeterminado).<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:8.0pt">auth_param
basic children 5<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:8.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:8.0pt">#Especifica el
numero de
procesos redirector para desovar<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:8.0pt;mso-ansi-language:
EN-GB" lang="EN-GB">redirect_children 5<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:8.0pt;mso-ansi-language:
EN-GB" lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:8.0pt;mso-ansi-language:
EN-GB" lang="EN-GB">#Valido el usuario<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:8.0pt;mso-ansi-language:
EN-GB" lang="EN-GB">auth_param basic program
/usr/lib/squid3/squid_ldap_auth -b
"ou=Users,dc=vs-zmaster,dc=policia,dc=rionegro,dc=gov,dc=ar"
-f
"uid=%s" -h 10.11.37.2 -v 3<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:8.0pt">auth_param
basic realm Policia
de Rio Negro<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:8.0pt">#Validar grupos<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:8.0pt;mso-ansi-language:
EN-GB" lang="EN-GB">external_acl_type ldap_group %LOGIN
/usr/lib/squid3/squid_ldap_group -b
"ou=Groups,dc=vs-zmaster,dc=policia,dc=rionegro,dc=gov,dc=ar"
-f
"(&(memberUid=%u)(cn=%g)(objectClass=posixGroup))" -h
10.11.37.2
-v 3<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:8.0pt;mso-ansi-language:
EN-GB" lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:8.0pt">#especifica el
tiempo de
usuario y contrasenia valido externamente.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:8.0pt;mso-ansi-language:
EN-GB" lang="EN-GB">auth_param basic casesensitive on<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:8.0pt;mso-ansi-language:
EN-GB" lang="EN-GB">auth_param basic credentialsttl 280
minutes<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:8.0pt;mso-ansi-language:
EN-GB" lang="EN-GB">authenticate_ttl 60 minutes<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:8.0pt">#********************************#********************************#********************************<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-ansi-language:EN-GB"
lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:8.0pt;mso-ansi-language:
EN-GB" lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-ansi-language:EN-GB"
lang="EN-GB">The problem
is that when I change the user group on ldap to other user
group (with
differents permission) squid not refresh the change so until
1hs or more, the
change are not reflect on real time. The same goes if change
the password user,
the user still navigating for a while.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-ansi-language:EN-GB"
lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-ansi-language:EN-GB"
lang="EN-GB">The changes
are not reflected immediately.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-ansi-language:EN-GB"
lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-ansi-language:EN-GB"
lang="EN-GB">But if a
reload the squid service, the change take effect<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-ansi-language:EN-GB"
lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-ansi-language:EN-GB"
lang="EN-GB">Regards.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-ansi-language:EN-GB"
lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-ansi-language:EN-GB"
lang="EN-GB"><o:p> </o:p></span></p>
</p>
<meta name="ProgId" content="Word.Document">
<meta name="Generator" content="Microsoft Word 11">
<meta name="Originator" content="Microsoft Word 11">
<link rel="File-List"
href="file:///C:%5CUsers%5CINFO-DES%5CAppData%5CLocal%5CTemp%5Cmsohtml1%5C01%5Cclip_filelist.xml">
<link rel="Edit-Time-Data"
href="file:///C:%5CUsers%5CINFO-DES%5CAppData%5CLocal%5CTemp%5Cmsohtml1%5C01%5Cclip_editdata.mso">
<!--[if !mso]>
<style>
v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style>
<![endif]--><!--[if gte mso 9]><xml>
<w:WordDocument>
<w:View>Normal</w:View>
<w:Zoom>0</w:Zoom>
<w:HyphenationZone>21</w:HyphenationZone>
<w:PunctuationKerning/>
<w:ValidateAgainstSchemas/>
<w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
<w:IgnoreMixedContent>false</w:IgnoreMixedContent>
<w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
<w:Compatibility>
<w:BreakWrappedTables/>
<w:SnapToGridInCell/>
<w:WrapTextWithPunct/>
<w:UseAsianBreakRules/>
<w:DontGrowAutofit/>
</w:Compatibility>
<w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLevel>
</w:WordDocument>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:LatentStyles DefLockedState="false" LatentStyleCount="156">
</w:LatentStyles>
</xml><![endif]-->
<style>
<!--
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{mso-style-parent:"";
margin:0cm;
margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:"Times New Roman";
mso-fareast-font-family:"Times New Roman";}
@page Section1
{size:612.0pt 792.0pt;
margin:70.85pt 3.0cm 70.85pt 3.0cm;
mso-header-margin:36.0pt;
mso-footer-margin:36.0pt;
mso-paper-source:0;}
div.Section1
{page:Section1;}
-->
</style><!--[if gte mso 10]>
<style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Tabla normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-parent:"";
mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
mso-para-margin:0cm;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:10.0pt;
font-family:"Times New Roman";
mso-ansi-language:#0400;
mso-fareast-language:#0400;
mso-bidi-language:#0400;}
</style>
<![endif]--><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1027"/>
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1"/>
</o:shapelayout></xml><![endif]-->
</body>
</html>