[squid-users] Configuration for squid ldap auth

From: Fernando Maior <fernando@dont-contact.us>
Date: 08 May 2003 17:46:13 -0300

Hi,

I spent a full day looking for sources of documentation that can help me
configure a squid proxy with ldap authentication. I would like to
receive some help or links.

Directives needed
-----------------

I am not quite sure on what is the set of directives for use with the
squid_ldap_auth helper. I believe I need

auth_param basic program squid_ldap_auth
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

and also

acl Autorizado proxy_auth REQUIRED
http_access allow Autorizado

Do I need any more directives?

auth_param sintaxe
------------------

It is not clear for me if I must include the full path and all
parameters in the auth_param basic program line. Is it correct to have a
line like

auth_param basic program /usr/lib/squid/squid_ldap_auth -u cn -b
"ou=Users,o=DASA" -f "(&(uid=%s)(internetAccess=enabled))" -h localhost

in the squid.conf? Or may be I need only the squid_ldap_auth and there
is another place I must put the parameters?

Also, man page for squid_ldap_group says it is an external acl helper,
and the samples shows the use of external_acl_type directive. Do I need
to use that directive for squid_ldap_auth or not?

finally
-------

I understand squid_ldap_auth is for authentication against LDAP, and
squid_ldap_group is only for verifying if the user is a member of the
group. Am I right?

Thanks!

-- 
Bye,
Fernando Maciel Souto Maior
fernando@araujo.com.br
http://www.araujo.com.br
+55+31 3270-5886
Received on Thu May 08 2003 - 14:50:11 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:16:25 MST