Search squid archive

Re: Squid3 Authentication digest ldap problema

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi!
  
Henrik Nordstrom escribió:
> On tor, 2008-06-19 at 15:49 -0430, Edward Ortega wrote:
>   
>> Hi!
>>
>>     I've a problem with authentication ldap on squid3 using digest, i'm
>> using Squid Cache: Version 3.0.PRE5 on Debian ia64 :
>>
>>    # /usr/lib/squid3/digest_ldap_auth -v 3 -b 'dc=something,dc=com' -F
>> '(&(objectclass=posixAccount)(uid=%s))' -H 'ldap://ldap' -A 
>> 'userPassword' -l  -e -d
>>     someuser somepassword
>>     ERR
>>  
>>     Any help would be appreciated, thanks!
>>     
>
> Digest helpers expect a different input.
>
> "username":"realm"<enter>
> (with the quotes)
>
> Additionally userPassword is usually write-only in most LDAP trees for
> security reasons, and practically never contains a Digest H(A1) hash (-e
> option).
>
> The job of a digest helper is to return the Digest H(A1) hash for a
> given username + realm combination. This can be based on either
> plaintext passwords or precalculated digest H(A1) hashes stored in the
> backend..
>
> H(A1) is MD5(username + ":" + realm + ":" + password)
>
>   
   Ok, i store on the '*street*' attribute something like you said (
MD5(username + ":" + realm + ":" + password) ), have i to  store the 
"realm"  argument  on  other  attribute  to squid  understand the hash?

#/usr/lib/squid3/digest_ldap_auth -v 3 -b 'dc=something,dc=com' -F
'(&(objectclass=posixAccount)(uid=%s))' -H 'ldap://ldap' -A '*street*' 
-l -d

> Regards
> Henrik
>   
Thanks agains


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux