On 24/10/2015 1:29 p.m., David Touzeau wrote: > > Hi all. > > I'm testing squid 4.x with Active Directory connection. > > When there are spaces in logged accounts eg : "Jhon Rambo" squid use > only the last string in logon user "Rambo". > > This corrupted account is used in all ACLS and events too and all acls > matches Rambo and not "Jhon Rambo" > > This behavior can be replicated in Squid 3.5x branchs too and be > replicated in both LDAP/NTLM methods. > > * * It should be a security issue and an issue according governments > laws * * > > 1) If we create acls for the account "Rambo" that is - an another person > - of "Jhon Rambo" , Jhon Rambo aka "Rambo" for squid use the same ACLs > as "Rambo" account. > 2) In Europe we must keep Squid logs for the police during 1 year > according Justice needs. This corruption break logs validity according > Squid did not reflect the real connected username. > > How to fix it ? Start with whats in your squid.con settings. proxy_auth values, helper settings. Then go on to what the helper protocol is transmitting. both request and reply lines from the auth and external ACL helpers. Whitespace in user labels is not always dealt with nicely. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
