Re: [squid-users] Ldap secure user-authentication

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 29 Dec 2011 15:35:41 +1300

On 28/12/2011 10:45 p.m., FredB wrote:
>> In order to move to the more secure auth methods usually requires a
>> config setting in the LDAP to enable support for secure
>> authentication
>> tokens instead of a password. If you are lucky the LDAP server
>> already
>> has that turned on and you only need to add other authentication LDAP
>> helpers to Squid.
>>
>> Amos
>>
>
> Thanks Amos, now I think Digest is the better way for me
>
> I read http://wiki.squid-cache.org/KnowledgeBase/LdapBackedDigestAuthentication but I'm not familiar with Ldap so I'm a little lost and need an advise.
>
> Actually auth works without problem with this
>
> auth_param basic program /usr/lib/squid/squid_ldap_auth -b ou=People,dc=ldap,dc=web -h 192.168.2.1:389
> auth_param basic children 100 startup=50 idle=20
>
> I tried some squid digest syntax without success, How I can validate the Ldap config setting with digest_ldap_auth ?

My knowledge here ends at the helper readme page I'm afraid. Hopefully
someone else can help.

For validating it, try the -d switch to the helper in squid.conf. We
have tried to make sure all the helpers have one and produce useful
debugs of what they are doing.

Amos
Received on Thu Dec 29 2011 - 02:36:01 MST

This archive was generated by hypermail 2.2.0 : Thu Dec 29 2011 - 12:00:05 MST