Search squid archive

Re: squid with kerberos authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



What does the cache.log file say if you add -d to

auth_param negotiate program /usr/lib/squid/squid_kerb_auth

i.e.
auth_param negotiate program /usr/lib/squid/squid_kerb_auth -d

How did you configure IE ?

Can you see a ticket for HTTP/<squid-fqdn> in kerbtray (http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=23018)?

Regards
Markus


"Franco, Battista" <Battista.Franco@xxxxxxxxxxxxxxxx> wrote in message news:0B0BF3F65F960A4B8BE340E64290F4CD0696D9A4@xxxxxxxxxxxxxxxxxxxxxxxxxx...
Hello

On Centos 6 I want used squid (version 3.1.4) with Kerberos
authentication so only AD Windows 2003 authenticated users can surfing.
Well I perform the steps (explained at link
http://wiki.squid-cache.org/ConfigExamples/Authenticate/Kerberos)

but when users tried to surfing the IE require user and password and
didn't surfing.
Why?
Can you help me.

**** MORE INFO ****

I did the following steps:

Install  and configure samba
modify krb5.conf
net ads join -U DOMAIN\administrator
kinit administrator@DOMAIN
export KRB5_KTNAME=FILE:/etc/squid/HTTP.keytab
net ads keytab CREATE -U DOMAIN\administrator
net ads keytab ADD HTTP -U DOMAIN\administrator
unset KRB5_KTNAME
chgrp squid /etc/squid/HTTP.keytab
chmod g+r /etc/squid/HTTP.keytab
modify squid startup file with :
   KRB5_KTNAME=/etc/squid/HTTP.keytab
   export KRB5_KTNAME



below squid.conf file:

....
auth_param negotiate program /usr/lib/squid/squid_kerb_auth
auth_param negotiate children 10
auth_param negotiate keep_alive on
acl auth proxy_auth REQUIRED
...
http_access deny !auth
http_access allow auth
http_access deny all
....


With command :
/usr/lib/squid/squid_kerb_auth_test proxyserver
The token was displayed.






[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux