Hi Chris, -----Original Message----- From: crobert...@gci.net [mailto:crobert...@gci.net] Sent: Thursday, March 19, 2009 10:08 PM To: squid-users@squid-cache.org Subject: Re: [squid-users] Digest LDAP Auth not running
Andreas Krummrich wrote: > -----Original Message----- > From: crobert...@gci.net [mailto:crobert...@gci.net] > Sent: Thursday, March 19, 2009 8:05 PM > To: squid-users@squid-cache.org > Subject: Re: [squid-users] Digest LDAP Auth not running > > Andreas Krummrich wrote: > >> Hi, >> >> I recently installed Squid3 on my Debian Lenny box. After the proxy was >> running fine, I searched for an option to secure the authentication >> > between. > >> As I'm still using LDAP, I decided to use LDAP digest auth. I went through >> this manual: >> http://wiki.squid-cache.org/KnowledgeBase/LdapBackedDigestAuthentication. >> All tests were successful. But I can't authenticate neither with the IE7 >> > nor > >> with Mozilla Firefox. >> >> In get the following error messages: >> >> Connected OK >> searchbase 'uid=user, ou=Users,dc=intern,dc=domain,dc=de' >> 2009/03/19 15:31:20| helperHandleRead: unexpected reply on channel 0 from >> digestauthenticator #1 'c19a6e536533c783e6a8e10eef070605' >> >> > > I think this indicates you are using concurrency with a helper that > doesn't support it. Does your auth_param line include any mention of > "concurrency"? > > I don't know. This is the line: > > auth_param digest program /usr/lib/squid3/digest_ldap_auth -b > "ou=Users,dc=intern,dc=domain,dc=de" -u "uid" -A "l" -D > "uid=digestreader,dc=intern,dc=domamin,dc=de" -W "/etc/digestreader_cred" -e > -v 3 -h ldapserver -d > Hmmm. Try dropping the "-d" as that is a debug flag and might interfere with the proper working of the helper. Groovy ;-) That's it. Never saw a debug flag which stopped a service. Many thanks!! Andreas > Is there anything wrong? > > >> The password hash, which comes back is right. It's the same one like in >> > the > >> LDAP entry. >> >> I checked everything twice, but found no errors. I hope somebody here can >> help me. >> >> Thanks in advance! >> >> Kind Regards, >> Andreas >> > > Chris > > Thanks so far! > > Andreas > Chris
