On Fri, 30 May 2003, Gareth Walters wrote: > I am setting up a new web proxy/cache using squid and I am trying to get > authentication working with squid from winbind.
I've not actually done this specific method myself but I have used various other proxy auth schemes. > The reasoning behind it was to avoid the username/password dialog for > web access but still force authentication. The holy grail... I could be wrong (and I hope so!) but I think it's going to pop up an initial password box. > The problem I am finding is after following the instructions at, > http://www.squid-cache.org/Doc/FAQ/FAQ-23.html > > It doesn't work. > I can use wbinfo (even successfully test authenticating a user) and everything > checks out ok I can even get the list of users from the domain via "getent > passwd" What about wb_auth -d ? what happened when you tried that bit? If that returns OK you're problem is in squid.conf and particularly in combinations of ACL rules & so forth. > But every auth request in squid fails and I cannot work out why as there > doesn't seem to be any more tests/debugging I can do. If you still think it's an auth problem, write a wrapper for wb_auth that logs STDIN & STDOUT. I have previously used smbauth which is just a C wrapper for a shell script calling smbclient which just see's if it can read a file off the SMB server of choice. Alternately, just write a quick C program that takes a line of input and returns OK or ERROR in a continuous loop, the input line will contain "username password". > Has anyone got this working? > Is there a better way to do this? What you've got sounds like it should be good, but failing that have a hunt around for smb_auth which doesen't require recompiling squid. For that matter I can't see why you'd need to recompile squid for wb_auth. FYI, for one client I wrote something to check a mysql database for it's authentication source and gave him a command line utility to maintain it. -- ---<GRiP>--- Grant Parnell - senior consultant For all your Linux Commercial quality support and consulting needs Web: http://www.linuxhelp.com.au Email: [EMAIL PROTECTED] For retail sales see http://www.everythinglinux.com.au Phone 02 8752 6622 to book service. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
