michael_gra...@cadc.uscourts.gov wrote:
I setup two reverse proxy sites with LDAP authentication. Authentication works fine when I access either site. The problem I'm having is after I authenticate to either site, I try and access a url on the other site and I'm prompted to authenticate again. How can I tell squid to check the authenticated user and stop prompting me for another login?
I guess that depends on your auth_param settings or LDAP configuration, which you omitted.
It's not part of the domain routing config you show below.
Below is my squid.conf setup of both sites. Thanks.... acl ldap-auth proxy auth REQUIRED http_access allow ldap-auth http_port x.x.x.x:80 accel defaultsite=intranet.cadc.circdc.dcn cache_peer x.x.x.x parent 80 0 no-query originserver name=intranet1 round-robin cache_peer x.x.x.x parent 80 0 no-query originserver name=intranet2 round-robin acl sites_intranet dstdomain intranet.cadc.circdc.dcn http_access allow sites=intranet cache_peer_access intranet1 allow sites_intranet cache_peer_access intranet2 allow sites_intranet http_port x.x.x.x:80 accel defaultsite=www.cadc.circdc.dcn cach_peer x.x.x.x parent 80 0 no-query originserver name=iis acl sites=iis dstdomain www.cadc.circdc.dcn http_access allow sites=iis cache_peer_access iis allow sites=iis http_access deny all
Just a note, personally I'd add the ldap-auth ACL to the end of each of the "http_access allow sitesX" lines instead of globally at the top. That would prevent wasting auth resources on people requesting unacceptable domains.
Amos -- Please be using Current Stable Squid 2.7.STABLE7 or 3.0.STABLE21 Current Beta Squid 3.1.0.15
