[squid-users] ldap_auth - https error

From: <TBUSHART@dont-contact.us>
Date: Mon, 21 Nov 2005 15:02:58 -0500

I’m setting up ldap authentication:

My Ldap Config in squid.conf:

auth_param basic program /usr/lib/squid/squid_ldap_auth -b o=Organization -h ldapserv -D cn=username,o=Organization -w password -f (&(objectclass=person)(cn=%s))
auth_param basic children 50
auth_param basic realm Web-Proxy
auth_param basic credentialsttl 1 minute

acl ldap-auth proxy_auth REQUIRED
http_access deny !ldap-auth

If I type in an http site http://www.google.com I get a pop up box and
can authenticate and get the site.

If I type in an https site https://www.paypal.com, I get a pop up box
and can authenticate but get the following

ERROR
The requested URL could not be retrieved
________________________________________
While trying to retrieve the URL: /
The following error was encountered:
• Invalid URL
Some aspect of the requested URL is incorrect. Possible problems:
• Missing or incorrect access protocol (should be `http://'' or
similar)
• Missing hostname
• Illegal double-escape in the URL-Path
• Illegal character in hostname; underscores are not allowed

But if I refresh I immediately get the page without reentering my ldap
credentials. I noticed if I click on the / in the error it brings me to
the correct site also.

I turned up the cache_log debug and see the following:

2005/11/21 15:40:23| The request GET http://www.google.com/ is DENIED, because it matched 'ldap-auth'
2005/11/21 15:40:23| The reply for GET http://www.google.com/ is ALLOWED, because it matched 'all'

2005/11/21 15:40:47| The request CONNECT www.paypal.com:443 is DENIED, because it matched 'ldap-auth'
2005/11/21 15:40:47| The reply for CONNECT www.paypal.com:443 is ALLOWED, because it matched 'all'

The http sites get through on the first try; the https sites don’t. I
tried the order of the ldap statements but that didn’t seem to fix it.
I am trying to get https sites to open after the initial ldap login.

Thanks
Received on Mon Nov 21 2005 - 13:03:07 MST
