[squid-users] NCSA Auth doesn't recognize usernames with capital letters

Amos Jeffries squid3 at treenet.co.nz
Wed Nov 28 12:05:54 UTC 2018


On 28/11/18 10:28 am, Schokobecher wrote:
> Hello,
> 
> I'm facing a really weird problem at the moment.
> I'm using Squid 4.2 using the default Ubuntu compile options
> (self-compiled) together with the NCSA Basic Auth helper and a passwd
> file generated using "httpasswd -m".
> 
> If I add a user to it that starts with a capital letter (for example
> "Bob") the auth always fails - until "Bob" becomes "bob" inside the
> file, then the auth instantly works... and also for "Bob" since I use an
> ACL like:
> 
> acl bob proxy_auth_regex -i bob
> 
> But the other way around is a no-go.
> 
> Did I miss something here?

Usernames are case sensitive. Your regex may accept insensitive values,
but the rest of the system is mandatory case sensitive.
 [ IME the systems doing UI tend to lower case inputs in order to avoid
security issues and headaches that come with with having two logins
"bob" and "Bob" for different users. ]

You can double-check what is going on with a cache.log trace from
"debug_options 11,2 28,8 29,9". The helper itself does not (yet) have
debug output unfortunately so if the issue is inside the OS crypt()
implementation it can be hard to see.

Amos


More information about the squid-users mailing list