Hi... :)
I use squid v2.7 with ldap_auth autentication storing password as ssha hash.
Now, i want to have digest ldap autentication, so i recompile squid
and configure auth_param to use this helper and configure them.
So, testing digest_ldap_auth, all are ok (or i think) :)
# echo '"userTest":"Squid proxy-caching web server"' |
/usr/local/squid/libexec/digest_ldap_auth -b
"dc=maximatt,dc=com,dc=uy"
-A "userpassword" -F
"(&(uid=%s)(enableUser=TRUE)(enableProxyAccount=TRUE))" -D
"uid=proxybind,cn=WebCache-Proxy,cn=
Services,cn=Directory Administrators,dc=maximatt,dc=com,dc=uy"
-w esta_no_es -v 3 -p 636 -d -h ldap://ldap.maximatt.com.uy
Connected OK
user filter
'(&(uid=userTest)(enableUser=TRUE)(enableProxyAccount=TRUE))',
searchbase 'dc=maximatt,dc=com,dc=uy'
password: {SSHA}M9pU6W7QR/0uM996nUFTTi9avvOw46geEx/aeA==
a71d65c82f4e6fcf0db600667362cb0d
# echo -n 'userTest:Squid proxy-caching web
server:{SSHA}M9pU6W7QR/0uM996nUFTTi9avvOw46geEx/aeA==' | md5sum
a71d65c82f4e6fcf0db600667362cb0d -
ok! :) i change squid config and restart the server and....... not work :'(
if i try to access a web page to see the news :) the autentication not work:
# lwp-request -d -e -U -u -p http://192.168.45.8:3128/
http://www.elpais.com.uy
Enter username for Squid proxy-caching web server at
192.168.45.8:3128: userTest
Password: pass
Enter username for Squid proxy-caching web server at
192.168.45.8:3128: userTest
Password: pass
Enter username for Squid proxy-caching web server at 192.168.45.8:3128:
:
:
¿The password value must be stored on ldap server in clear text mode? :(
¿How squid manage encrypted passwords with digest method?
¿Any other ideas?
Thanks in advance! :)
-- Salu2 ;) -- Salu2 ;)Received on Wed May 25 2011 - 13:37:20 MDT
This archive was generated by hypermail 2.2.0 : Thu May 26 2011 - 12:00:03 MDT