Bug 516245
| Summary: | negotiate support not enabled in squid (for kerberized sso) | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 5 | Reporter: | Buchan Milne <bgmilne> | ||||
| Component: | squid | Assignee: | Jiri Skala <jskala> | ||||
| Status: | CLOSED ERRATA | QA Contact: | BaseOS QE <qe-baseos-auto> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | low | ||||||
| Version: | 5.3 | CC: | aglotov, cward, ebenes, ovasik, zmraz | ||||
| Target Milestone: | rc | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | 445337 | Environment: | |||||
| Last Closed: | 2010-03-30 08:18:32 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
|
Description
Buchan Milne
2009-08-07 16:24:55 UTC
Created attachment 362517 [details]
Proposed patch against squid.spec
Proposed naive patch against squid.spec that enables negotiate support.
The option within squid configuration was enabled thus is supported now. Nevertheless we are not able to verify it. Still getting authentication failures. The env. was set on kerberos enabled system with keytab (with HTTP/$HOSTNAME principals) properly exported and with ownership set permissions set. This settings was used auth_param negotiate program /usr/<lib_pth>/squid/squid_kerb_auth -d auth_param negotiate children 5 auth_param negotiate keep_alive on This defines helper for authentication. Then squid.conf should contain necessary acl: ... acl auth proxy_auth REQUIRED ... http_access deny !auth http_access allow auth Can you please test it in your environment and if you are using different setup put your configuration files? @Buchan Milne Please grab the latest 5.5 Beta bits from RHN, test for the resolution of this request and report your results back here. Also, in the future, when reporting feature requests or defect reports it is critical that you escalate your issues through Red Hat Support. ~~ Attention Customers and Partners - RHEL 5.5 Beta is now available on RHN ~~ RHEL 5.5 Beta has been released! There should be a fix present in this release that addresses your request. Please test and report back results here, by March 3rd 2010 (2010-03-03) or sooner. Upon successful verification of this request, post your results and update the Verified field in Bugzilla with the appropriate value. If you encounter any issues while testing, please describe them and set this bug into NEED_INFO. If you encounter new defects or have additional patch(es) to request for inclusion, please clone this bug per each request and escalate through your support representative. An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2010-0221.html |