Hi!,
I have tried the following
auth_param basic program /usr/lib/squid/squid_ldap_auth -v 3 -b "dc=domain,dc=com" -f "uid=%s" -h host.domain.com -p 636 -Z
external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -v 3 -b "ou=Groups,dc=domain,dc=com" -f "(&(cn=%g)(memberUid=%u))" -h host.domain.com -p 636 -Z
auth_param basic program /usr/lib/squid/squid_ldap_auth -v 3 -b "dc=domain,dc=com" -f "uid=%s" -h -H ldaps://host.domain.com -p 636
external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -v 3 -b "ou=Groups,dc=domain,dc=com" -f "(&(cn=%g)(memberUid=%u))" -h ldaps://host.domain.com -p 636
auth_param basic program /usr/lib/squid/squid_ldap_auth -Z -v 3 -b "dc=domain,dc=com" -f "uid=%s" -h host.domain.com
external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -Z -v 3 -b "ou=Users,dc=domain,dc=com" -f "(&(cn=%g)(memberUid=%u))" -h host.domain.com
auth_param basic children 10
auth_param basic realm MyNetwork
auth_param basic credentialsttl 2 hours
authenticate_ip_ttl 10 seconds
acl proxy external ldap_group grp1
acl localhost1 proxy_auth 127.0.0.1/32
acl authenticated proxy_auth REQUIRED
but the problem remains the same.. the user and pass is still being sent in clear text between the user browser and proxy server. I think it may have something to do with the basic auth mechanism being used or I may be wrong.
Any pointers would be highly appreciated.
|