[squid-users] unable to do access control using squid_ldap_group

From: Sureen L <ethermedia@dont-contact.us>
Date: Wed, 28 Apr 2004 22:30:07 +0100 (BST)

Hello,

The following is my ldif file of LDAP.

dn: dc=mydomain,dc=com
o: mydomain
objectclass: top
objectclass: organization

dn: cn=Manager, dc=mydomain, dc=com
cn: Manager
objectclass: top
objectclass: organizationalRole

dn: cn=Users,dc=mydomain,dc=com
cn: Users
objectclass: top
objectclass: organizationalRole

dn: cn=WebAccess,cn=Users, dc=mydomain, dc=com
cn: WebAccess
objectclass: top
objectclass: organizationalRole

dn: cn=Mur,cn=Users,dc=mydomain,dc=com
cn: Mur
uid: mur
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
userPassword: {SHA}dmMt8K4+dyKZqGTt90RZD4k=

dn: cn=zen, cn=WebAccess,cn=Users,dc=mydomain,dc=com
cn: zen
uid: zen
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
userPassword: {SHA}3dmMt8K4+dyKZqGTt90RZD4k=

The tree struture of the above ldif file is

|--dc=com
    |--dc=mydomain
        |--cn=Manager
        |--cn=Users
            |--cn=Mur
        |--cn=WebAccess
            |--cn=zen

I authenticated all the users who present both in
Users and also in
WebAccess Group, since user Mur is present inside the
"User" he needs to
have access only
to certain set of web sites and the user zen who is
present inside
"WebAccess" can access all web sites. To do this
access control I did a
group authentication and tried using the following
options in
squid_ldap_group

external_acl_type ldap_group %LOGIN
/usr/local/squid/libexec/squid_ldap_group -s sub -b
"cn=WebAccess,dc=mydomain,dc=com" -h localhost -f
"(cn=%a)"

acl all 0.0.0.0/0.0.0.0
acl AuthorizedUsers external ldap_group WebAccess
http_access allow AuthorizedUsers
http_access deny all

But i could not able to accomplish what I wanted. Help
me in solving the
problem..

Thanks
-Sureen

________________________________________________________________________
Yahoo! India Matrimony: Find your partner online. http://yahoo.shaadi.com/india-matrimony/
Received on Wed Apr 28 2004 - 15:30:10 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:03 MDT