I am using squid_ldap_auth as shipped with squid 2.5stable5 and also squid_ldap_group but that's out of topic.
to which version do I need to upgrade ? The most recent update on the subject I could find was for 2.5ST4 (bugzilla#789) Andrew. Selon Tim Neto <[EMAIL PROTECTED]>: > > Hello Andrew, > > What external authentication helper are you using? LDAP, SAMBA, or ... ??? > > The helper program needs to be upgraded to effectively respond with > "ERR" to these type of requests. > > Tim > > ----------------------------------------------------------- > Timothy E. Neto > Computer Systems Engineer Komatsu Canada Limited > Ph#: 905-625-6292 x265 1725B Sismet Road > Fax: 905-625-6348 Mississauga, Canada > E-Mail: [EMAIL PROTECTED] L4W 1P9 > ----------------------------------------------------------- > > > > [EMAIL PROTECTED] wrote: > > >Hi, > > > > > >Putting a whitespace prefix or suffix in the username at authentication time > >causes : > > > > - acl's based on username to be circumvented > > - access.log analysis to be fooled. > > > >This is because a "%20" is put in place of the whitespace : > > %20username > >or username%20 > > > > > >Is there a rule or option to reject all usernames containing a whitespace ? > >Or should I put a special ACL to deny access to those users who put a > whitespace > >by mistake? > >The best would be that Squid asks for a username/passwd until it is valid > (good > >pair && no whitespace) so that the end-user doesn't get confused. > >IE : "my password is accepted , but I get a Forbidden Access page" > > > >(I could'nt find anything in the archives or FAQ, maybe I didn't use the > correct > >keywords ? - %20, username, whitespace, space, or blank) > > > > > > > >Thanks for your help, > > > >Andrew. > > > > > > > > >
