[squid-users] ldap_auth - https error

I�m setting up ldap authentication :

My Ldap Config in squid.conf:

auth_param basic program /usr/lib/squid/squid_ldap_auth -b
o=Organization -h ldapserv -D cn=username,o=Organization -w password -
f (&(objectclass=person)(cn=%s))
auth_param basic children 50
auth_param basic realm Web-Proxy
auth_param basic credentialsttl 1 minute

acl ldap-auth proxy_auth REQUIRED
http_access deny !ldap-auth

If I type in an http site http://www.google.com I get a pop up box and
can authenticate and get the site.

If I type in an https site https://www.paypal.com, I get a pop up box
and can authenticate but get the following

ERROR
The requested URL could not be retrieved
________________________________________
While trying to retrieve the URL: /
The following error was encountered:
� Invalid URL
Some aspect of the requested URL is incorrect. Possible problems:
� Missing or incorrect access protocol (should be `http://'' or
similar)
� Missing hostname
� Illegal double-escape in the URL-Path
� Illegal character in hostname; underscores are not allowed

But if I refresh I immediately get the page without reentering my ldap
credentials. I noticed if I click on the / in the error it brings me to
the correct site also.

I turned up the cache_log debug and see the following:

2005/11/21 15:40:23| The request GET http://www.google.com/ is DENIED,
because it matched 'ldap-auth'
2005/11/21 15:40:23| The reply for GET http://www.google.com/ is
ALLOWED, because it matched 'all'

2005/11/21 15:40:47| The request CONNECT www.paypal.com:443 is DENIED,
because it matched 'ldap-auth'
2005/11/21 15:40:47| The reply for CONNECT www.paypal.com:443 is
ALLOWED, because it matched 'all'

The http sites get through on the first try, the https sites don�t. I
tried the order of the ldap statements but didn�t seem to fix it.
Trying to get https sites to open after the inital ldap login.

Thanks
Received on Mon Nov 21 2005 - 13:03:07 MST