In message <[EMAIL PROTECTED]> Henrik Nordstrom <[EMAIL PROTECTED]> wrote: > ons 2003-01-29 klockan 18.46 skrev Daniel Barron: > > I have compiled squid 2.5 with the external acl group ldap support and > > installed it on a clean redhat 8 with no previous squid. By default the > > openldap libraries were installed. > > > > What happens is I just get cache access denied must authorise without > > asking for a user/pass. > > > > I get no errors in syslog. > > > > squid access.log: > > > > 1043860359.309 55 192.168.254.2 TCP_DENIED/407 1679 GET >http://acorn.cybervillage.co.uk/ - NONE/- text/html > > > > squid.conf: > > > > external_acl_type ldap_auth %LOGIN /usr/local/squid/libexec/group_ldap_auth -b >"dc=jadeb,dc=com" -h 192.168.254.23 -g distinguishedName -u cn -S > > > > acl ldap_webaccess external ldap_auth CN=WebAccess,OU=Groups,dc=jadeb,dc=com > > > > http_access allow ldap_webaccess > > > > > > There is surely something obvious wrong here. I have followed the info > > in the man page for the group_ldap_auth and tied it with info on this > > page: > > > > http://group-ldap-auth.sourceforge.net/ > > > > So its a bit of a guess. > > > > Whats wrong? Do I need the other basic_auth LDAP helper as well?
> You are mixing two unrelated threads. > > group_ldap_auth is an earlier patch for Squid-2.4. It is not related to > the external_acl feature of Suqid-2.5 (as used for group membership > lookups). > Yes I understand they are different. > > For information on how to configure Squid-2.5 see the documentation of > squid_ldap_auth and squid_ldap_group, both shipped with the Squid > sources. I have the squid 2.5S1 source and can only find a squid_ldap_group helpers dir. It contains only a man file which is also the only documentation I can find at the below url. > > The current version of squid_ldap_group can also be found including > documentation at http://marasystems.com/download/LDAP_Group/ I followed the docs to write the acl lines and after checking again they look correct. But squid is not prompting for a user/pass as I would expect. Whats wrong with what I've done? What do I need to do to get squid to prompt for the user/pass? -- Daniel Barron (Visit http://dansguardian.org/ - True web content filtering for all)
