[squid-users] Using LDAP and NCSA auth
schinken
schinken at hackerspace-bamberg.de
Tue Nov 18 11:30:57 UTC 2014
Hi there,
i'm currently trying to do authentication against LDAP and NCSA auth -
but it looks like, the user is never checked against NCSA if auth
against LDAP failed (because the user doesn't exist):
> auth_param basic program /usr/lib/squid3/basic_ldap_auth -R -b "dc=COMPANY,dc=int" -D squid at company.int -W /etc/squid3/ldappass.txt -f sAMAccountName=%s -h ldap.company.int
> auth_param basic children 100
> auth_param basic realm Internet Proxy
> auth_param basic credentialsttl 5 minute
>
> auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid3/passwd
> auth_param basic realm Internet Proxy Basic
>
> acl auth proxy_auth REQUIRED
If i try ncsa auth manually, it works:
> root at proxy:~# /usr/lib/squid3/basic_ncsa_auth /etc/squid3/passwd
> nikola testla
> OK
The same is true for LDAP auth. But i can't get a fallback working. How
could i solve this?
--
Schinken
Backspace e.V.
http://hackerspace-bamberg.de
mail: schinken at hackerspace-bamberg.de
xmpp: schinken at tai-wahn.de (otr)
GPG: FFB7 E40D B2DD D24C C9B7 B5C5 703C F8B8 882C 871E
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20141118/352dd543/attachment.sig>
More information about the squid-users
mailing list