Univention Bugzilla – Bug 39901
squid allows basic auth for deactivated accounts
Last modified: 2015-12-09 16:46:21 CET
Squid allows basic auth for deactivated accounts. Only after also locking all login methods squid refuses the login. See also: https://hutten.knut.univention.de/mediawiki/index.php/Produkttests_UCS_4.1_Apache_%26_Squid#Passwort-Auswertung_am_Proxy
the ldap query now checks for disabled posix and kerberos accounts code: 65965 yaml: 65967 univention-squid.yaml
OK - univention-squid (if posix or kerberos is disabled for a user, that user can no longer use squid basic auth) OK - YAML
<http://errata.software-univention.de/ucs/4.1/25.html>