Hello!
Just tried to install 3.4.1 to production.
Users complain that need to do reauth after some timeout.
Parts of config:
external_acl_type LdapGroup children-max=30 children-startup=10
concurrency=0 ttl=600 negative_ttl=10 grace=0 protocol=2.5 %LOGIN
/usr/sbin/sq
uid_ldap_group -v 3 -h 127.0.0.1 -b "o=company,c=RU" -B
"org=company,ou=People,o=company,c=RU" -f "(&(cn=%g)(memberUid=%u))" -F
"(&(objectClass=acc
ount)(uid=%s))" -s sub
and
auth_param basic program /usr/sbin/squid_ldapauth
auth_param basic credentialsttl 600 seconds
auth_param basic children 10
auth_param basic realm Squid proxy-caching web server
#auth_param basic casesensitive on
auth_param basic casesensitive off
I see following in my logs, firefox doesn't ask me for auth info though:
1386754087.151 2 192.168.22.229 TCP_DENIED/407 6701 GET
http://www.rbc.ru/? dm HIER_NONE/- text/html
1386754810.393 2 192.168.22.229 TCP_DENIED/407 6702 GET
http://www.rbc.ru/? dm HIER_NONE/- text/html
1386755534.579 2 192.168.22.229 TCP_DENIED/407 6702 GET
http://www.rbc.ru/? dm HIER_NONE/- text/html
as far as I remember, there was such problem in 3.2, or something like
this, so I installed 3.3 before it was released- this was acl problem.
Some changes were introduced in 3.4 ? Or I need to reconfigure something?
Thank you!
Received on Wed Dec 11 2013 - 10:02:34 MST
This archive was generated by hypermail 2.2.0 : Thu Dec 12 2013 - 12:00:04 MST