[squid-users] Group LDAP auth problem

From: Gregor Ibic <[email protected]>
Date: Wed, 2 Jan 2002 16:56:06 +0100

I modified a LDAP authentication program to authenticate groups with MS
Active Domain.
It works ok with one group, but I dont know how to setup rules for two
different groups.

I want to have two groups of users, GroupA and GroupB with different
permissions.
Both grups are in LDAP directory.

The problem is that if the user is in GroupB (and not in GroupA) the
authentication
program tells to squid that the users is not valid. But I want squid to
check also the next line with GroupB

my acl's:
***************************************
acl ieA ldap_auth static InternetA
acl ieB ldap_auth static InternetB

http_access allow ieA
http_access allow ieB
http_access deny all

if user is on group InternetB it is not allowed to use proxy, cause
authentication algorithm
never gets to that line, user is not in group InternetA so authentication
program returns FALSE.

Regards,
Gregor

Intelicom d.o.o.
Security software company
http://www.intelicom.si
email: info@intelicom.si
tel.: ++386 5 6309 158
fax.: ++386 5 6279 355
Received on Wed Jan 02 2002 - 08:49:45 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:36 MST