Hello List,


I have squid authentication problem.

I have this configuration:

Versions: Samba-3 RPM FEDORA
squid-2.5.STABLE4
what i did:

edit smb.conf (with winbind options)
joined domain

net join -U admin

wbinfo -t
checking the trust secret via RPC calls succeeded


I can authenticate a USER to the Domains
a wbinfo -u shows me users and wbinfo -g shows my domain
groups.

Install Squid

./configure --enable-auth=ntlm,basic --enable-delay-pools --enable-snmp \
--enable-useragent-log --prefix=/usr/local/squid --enable-ssl
\ --enable-external-acl-helpers=wbinfo_group

edit squid.conf with:
auth_param ntlm program /usr/lib/squid/wb_ntlmauth
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
auth_param basic program /usr/lib/squid/wb_auth
auth_param basic children 5
auth_param basic realm ChoicePoint Proxy server
auth_param basic credentialsttl 2 hours


Add the following ACL:
acl AuthorizedUsers proxy_auth REQUIRED

Modify your http_access lines to include "AuthorizedUsers"
http_access allow AuthorizedUsers
http_access deny all


I receive username and password menu.
But I can go trough and there isn't any valid uname or password.


The squid debug gives me:

2004/02/03 20:45:31| The request GET http://www.mail.com/ is DENIED,
because it matched 'AuthorizedUsers'
2004/02/03 20:45:31| The request GET http://www.mail.com/ is DENIED,
because it matched 'AuthorizedUsers'
2004/02/03 20:45:31| clientReadRequest: FD 22: no data to process ((11)
Resource temporarily unavailable)
2004/02/03 20:45:31| The request GET http://www.mail.com/ is DENIED,
because it matched 'AuthorizedUsers'
2004/02/03 20:45:46| The request GET http://www.mail.com/ is DENIED,
because it matched 'AuthorizedUsers'
2004/02/03 20:45:46| clientReadRequest: FD 22: no data to process ((11)
Resource temporarily unavailable)
2004/02/03 20:45:46| The request GET http://www.mail.com/ is DENIED,
because it matched 'AuthorizedUsers'



Thank you for help