First Last Prev Next    This bug is not in your last search results.
Bug 32373 - add gss-spnego (kerberos) support to squid_ldap_ntlm_auth
add gss-spnego (kerberos) support to squid_ldap_ntlm_auth
Status: CLOSED WORKSFORME
Product: UCS extended documentation
Classification: Unclassified
Component: IP and network management
unspecified
Other Linux
: P5 normal (vote)
: UCS 4.0-1-errata
Assigned To: Moritz Muehlenhoff
Felix Botner
: interim-1
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-08-26 14:13 CEST by Moritz Muehlenhoff
Modified: 2015-02-10 14:39 CET (History)
4 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Moritz Muehlenhoff univentionstaff 2013-08-26 14:13:30 CEST 
+++ This bug was initially created as a clone of Bug #31972 +++

The changes here should be merged to UCS 3.2

+++ This bug was initially created as a clone of Bug #31967 +++

We should gss-spnego (kerberos) support to squid_ldap_ntlm_auth

than we activate squid negotiate:

# auth negotiate
auth_param negotiate program /usr/lib/squid3/squid_ldap_ntlm_auth --debug --gss-spnego
auth_param negotiate children 10

Linux user with a keberos ticket than can authenticate to the squid server without a password prompt. Windows user with a ticket (samba4) also

Windows user without a ticket (samba3) can also authenticate without a password because then windows does ntlm over negotiate.
Comment 1 Moritz Muehlenhoff univentionstaff 2014-07-17 14:47:48 CEST 
Kerberos authentication if already documented:
http://docs.univention.de/manual-3.2.html#proxy:userauth
Comment 2 Felix Botner univentionstaff 2014-07-21 11:12:59 CEST 
OK
Comment 3 Moritz Muehlenhoff univentionstaff 2015-02-10 14:39:42 CET 
Nothing to release
First Last Prev Next    This bug is not in your last search results.