basic_sspi_auth.exe
NAMESYNOPSIS
DESCRIPTION
OPTIONS
CONFIGURATION
TESTING
AUTHOR
COPYRIGHT
QUESTIONS
REPORTING BUGS
SEE ALSO
NAME
basic_sspi_auth.exe − Basic authentication protocol
Version 2.0
SYNOPSIS
basic_sspi_auth.exe [−d] [−A Group Name ] [−D Group Name ] [−O Default Domain ]
DESCRIPTION
basic_sspi_auth.exe is a simple authentication module for the Squid proxy server running on Windows NT to authenticate users on an NT domain in native WIN32 mode.
Usage is simple. It accepts a username and password on standard input and will return OK if the username/password is valid for the domain/machine, or ERR if there was some problem. It is possible to authenticate against NT trusted domains specifying the username in the domain\username Microsoft notation.
OPTIONS
−A |
A Windows Local Group name allowed to authenticate. |
||
−d |
Write debug info to stderr. |
||
−D |
A Windows Local Group name not allowed to authenticate. |
||
−O |
The default Domain against to authenticate. |
CONFIGURATION
Users that are allowed to access the web proxy must have the Windows NT User Rights and must be included in the NT LOCAL User Groups specified in the Authenticator’s command line.
This can be accomplished creating a local user group on the NT machine, grant the privilege, and adding users to it.
You will need to set the following line in squid.conf to enable the authenticator:
auth_param basic program c:/squid/libexec/basic_sspi_auth.exe [options]
You will need to set the following lines in squid.conf to enable authentication for your access list:
acl aclName proxy_auth
REQUIRED
http_access allow aclName
You will need to specify the absolute path to basic_sspi_auth.exe in the auth_param basic program directive.
TESTING
I strongly urge
that basic_sspi_auth.exe is tested prior to being
used in a production environment. It may behave differently
on different platforms. To test it, run it from the command
line. Enter username and password pairs separated by a
space. Press ENTER to get an OK or ERR message. Make sure
pressing CTRL-D
behaves the same as a carriage return. Make sure pressing
CTRL-C
aborts the program.
Test that entering no details does not result in an OK or ERR message.
Test that entering an invalid username and password results in an ERR message.
Note that if NT guest user access is allowed on the PDC, an OK message may be returned instead of ERR
Test that entering a valid username and password results in an OK message.
Test that entering a guest username and password returns the correct response for the site’s access policy.
AUTHOR
This program was written by Guido Serassio <[email protected]>
Based on prior work by Antonino Iannella (2000) Andrew Tridgell (1997) Richard Sharpe (1996) Bill Welliver (1999)
This manual was written by Guido Serassio <[email protected]> Amos Jeffries <[email protected]>
COPYRIGHT
This program and documentation is copyright to the authors named above.
Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
QUESTIONS
Questions on the usage of this program can be sent to the Squid Users mailing list <[email protected]>
REPORTING BUGS
Bug reports need to be made in English. See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
Report bugs or bug fixes using http://bugs.squid-cache.org/
Report serious security bugs to Squid Bugs <[email protected]>
Report ideas for new improvements to the Squid Developers mailing list <[email protected]>
SEE ALSO
squid(8),
GPL(7),
The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq
The Squid Configuration Manual
http://www.squid-cache.org/Doc/config/
Introduction
- About Squid
- Why Squid?
- Squid Developers
- How to Donate
- How to Help Out
- Getting Squid
- Squid Source Packages
- Squid Deployment Case-Studies
- Squid Software Foundation
Documentation
- Quick Setup
- Configuration:
- FAQ and Wiki
- Guide Books:
- Non-English
- More...
Support
- Security Advisories
- Bugzilla Database
- Mailing lists
- Contacting us
- Commercial services
- Project Sponsors
- Squid-based products
Miscellaneous
- Developer Resources
- Related Writings
- Related Software:
- Squid Artwork
Web Site Translations
Mirrors
- Website:
- il ... full list
- FTP Package Archive