Hi,

I'm trying to get LDAP authentication working on my squid proxy.  Now
ideally I would like to only allow users in a certain group (namely,
cn=squid,ou=Group,dc=ph,dc=sun,dc=ac,dc=za, which is a groupOfUniqueNames
(does this work or must I use an objectClass=posixGroup?)) to
authenticate and use the proxy.  How would I go about doing this?  I've
added the following lines to my squid.conf file:

auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hour
auth_param basic casesensitive off
auth_param basic program /usr/lib/squid/squid_ldap_auth -b "ou=People,dc=ph,dc=sun,dc=ac,dc=za" -f "cn=squid" -s sub fsk.ph.sun.ac.za

external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -ZZ -b "ou=Group,dc=ph,dc=sun,dc=ac,dc=za" -f "(&(objectclass=groupOfUniqueNames)(cn=%a)(uniqueMember=%v))" -B "ou=People,dc=ph,dc=sun,dc=ac,dc=za" -F uid="%s" fsk.ph.sun.ac.za

acl password proxy_auth REQUIRED
acl password_group external ldap_group squid
http_access allow password_group

Any help would be appreciated!

Thanks
Nolan
