On 05/09/11 22:03, Łukasz Makowski wrote:
> Hello everyone,
>
> I'm using Squid and ldap_authentication, and recently decided do deploy
> ssl_bump feature.
>
> I have made tests for ssl_bump and everything works just fine, but when
> combined with ldap authentication,
> it appeared to have one big disadvantage.
>
> For every site user try to visit, squid pops with its authentication
> window.
> I see that for regular, http traffic message looks like this : "Server
> My_Squid_Server needs authentication blablabla".
> But when ssl_bump triggers during visiting https web page, it states :
> "Server Https_Site_Domain needs authentication blablabla".
>
> I know that this behaviour can be caused by a way that ssl_bump works.
> Please tell me is there any possible method to overcome this ?
>
> Thanks for help.
>
> Lukasz
I suspect you have the recommended "deny !authedUsers" or similar.
Bumped traffic should match "acl HTTPS proto HTTPS". So you should be
able to bypass the auth using that ACL.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.15 Beta testers wanted for 3.2.0.11Received on Tue Sep 06 2011 - 06:08:26 MDT
This archive was generated by hypermail 2.2.0 : Tue Sep 06 2011 - 12:00:02 MDT