Hello All,
I Have the following problem:
All NTLM authentication is working, the samba is working, and the krb5
(I am using ads). - (not the problem, yet)
Examples:
access.log with username ok (if I remove de deny acl, work without problems)
[root_at_maggie squid]# tail /var/log/squid/access.log
1265260503.633����� 0 172.21.1.10 TCP_DENIED/407 2721 GET
http://www.google.com.br/firefox? - NONE/- text/html
1265260503.645����� 2 172.21.1.10 TCP_DENIED/407 3011 GET
http://www.google.com.br/firefox? leo NONE/- text/html
1265260507.608����� 1 172.21.1.10 TCP_DENIED/407 3012 GET
http://www.google.com.br/firefox? - NONE/- text/html
1265260507.614����� 3 172.21.1.10 TCP_DENIED/407 3003 GET
http://www.google.com.br/firefox? leo NONE/- text/html
1265260789.788����� 2 172.21.1.10 TCP_DENIED/407 3002 GET
http://pt-br.fxfeeds.mozilla.com/pt-BR/firefox/headlines.xml - NONE/-
text/html
1265260791.388�� 1598 172.21.1.10 TCP_MISS/302 646 GET
http://pt-br.fxfeeds.mozilla.com/pt-BR/firefox/headlines.xml leo
DIRECT/63.245.209.93 text/html
1265260791.390����� 0 172.21.1.10 TCP_DENIED/407 2346 GET
http://www.estadao.com.br/rss/ultimas.xml? - NONE/- text/html
kerberos is ok:
[root_at_maggie squid]# kinit leo
Password for leo_at_mydomain.com.br
[root_at_maggie squid]#
wbinfo:
[root_at_maggie squid]# wbinfo -t
checking the trust secret via RPC calls succeeded
[root_at_maggie squid]#
wbinfo -u and -g get all users and groups.
My question is:
When I create a rule like this
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
acl proxy_auth leo leo
deny_info ERR_ACCESS_DENIED leo
http_access deny leo
What happens, rather than show the access denied page, is asking user
and password (as basic mode, instead of NTLM), but I want to be shown
to Access Denied page (ERR_ACCESS_DENIED)!
I'm using Squid 3 with CentOS 5.4 (but I had the same problem with
ubuntu server 8.04 and squid 2.6)
[root_at_maggie usr]# rpm -qa | grep squid
squid-3.0.STABLE20-1.el5
[root_at_maggie usr]#
Thanks!
-- Leonardo Dantas Natal - RN, Brasil. Tel: +55 84 8865-7200 ICQ UIN 15073476 lodantas_at_gmail.com (MSN Messenger) twitter: ldoliveira, skype lodantas007 http://www.linkedin.com/in/ldantas/Received on Thu Feb 04 2010 - 05:56:23 MST
This archive was generated by hypermail 2.2.0 : Thu Feb 04 2010 - 12:00:04 MST