Re: [squid-users] Squid 2.5 w/ LDAP

From: Steven Adams <steve@dont-contact.us>
Date: Fri, 18 Mar 2005 16:56:30 +1100

Oops, i fixed it.. had to remove the quotes from the auth_program line..
works now..

ill move onto getting the groups working now :)

Thanks for your help..

Steven Adams wrote:

> Hey Again,
>
> Ok i have run squid_ldap_auth program from command like and enter
> user/password and it comes back OK so it seems to be working..
>
> I put this in squid.conf
>
> authenticate_program /usr/local/squid/libexec/squid_ldap_auth -H
> ldap://192.168.0.1 -D "cn=adminsq,o=adminsq" -w etc etc...
> acl authenticated proxy_auth REQUIRED
> http_access allow authenticated
>
> It pops up with user/password feild but it keeps saying its the
> wrong/user password, i cant see nothing in it logs at all.. Is there
> anyway to put this into debug mode so i can see whats going on.
>
> Thanks again!
>
> Henrik Nordstrom wrote:
>
>> On Fri, 18 Mar 2005, Steven Adams wrote:
>>
>>> What i actually want to do is depending on which group the user is
>>> depends how much access they get.
>>>
>>> Eg group "somesites" gets access to only some sites.. Group
>>> "allsites" gets access to all sites.
>>
>>
>>
>> You need to start with first getting the authentication to work. Then
>> from there it is a relatively easy path to detail the access controls
>> using groups.
>>
>> LDAP group based access controls is done using squid_ldap_group.
>> Start by reading the manual (man page). The most tricky part (apart
>> from copy-pasting data from the squid_ldap_auth parameters) is
>> figuring out the search filter for finding the proper group in your
>> LDAP directory.
>>
>>> I tried what you said below, how do u actually enter the username
>>> and password in because all i get back if i type
>>>
>>> <username>
>>
>>
>>
>> Basic auth helpers expects the following input, as documented in
>> squid.conf:
>>
>> username <space> password <enter>
>>
>> Regards
>> Henrik
>>
>>
>> .
>>
>
>
>
>
Received on Thu Mar 17 2005 - 22:56:40 MST

This archive was generated by hypermail pre-2.1.9 : Fri Apr 01 2005 - 12:00:02 MST