But the authentication isn't running, the browser using squid proxy keeps asking me for username and password. Suspecting that the webGUI could be making some mistake in squid config file, I started editing it's parameters manually. Right now, the ldap authentication line in my squid.conf looks like this:�
I opened slapd in debug mode (slapd -d 255) in my openldap debian-powered VM, and this is the text shown when I try to authenticate in my browser:�
daemon: activity on 1 descriptor
daemon: activity on:
slap_listener_activate(8):�
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 busy
>>> slap_listener(ldap:///)
daemon: listen=8, new connection on 13
daemon: added 13r (active) listener=(nil)
daemon: activity on 2 descriptors
daemon: activity on: 13r
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
daemon: activity on 1 descriptor
daemon: activity on: 13r
daemon: read active on 13
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
connection_get(13)
connection_get(13): got connid=0
connection_read(13): checking for input on id=0
ber_get_next
ldap_read: want=8, got=8
��0000: �30 34 02 01 01 60 2f 02 � � � � � � � � � � � � � �04...`/. � � � � �
ldap_read: want=46, got=46
��0000: �01 03 04 20 75 69 64 3d �6c 61 6d 70 73 2c 6f 75 � ... uid=lamps,ou �
��0010: �3d 75 73 75 61 72 69 6f �73 2c 64 63 3d 70 69 73 � =usuarios,dc=pis �
��0020: �6f 6c 61 72 80 08 6c 34 �77 64 30 67 67 30 � � � � olar..userpassword � �
ber_get_next: tag 0x30 len 52 contents:
ber_dump: buf=0xa0598a0 ptr=0xa0598a0 end=0xa0598d4 len=52
��0000: �02 01 01 60 2f 02 01 03 �04 20 75 69 64 3d 6c 61 � ...`/.... uid=la �
��0010: �6d 70 73 2c 6f 75 3d 75 �73 75 61 72 69 6f 73 2c � mps,ou=usuarios, �
��0020: �64 63 3d 70 69 73 6f 6c �61 72 80 08 6c 34 77 64 � dc=pisolar..userpass �
��0030: �30 67 67 30 � � � � � � � � � � � � � � � � � � � �word � � � � � � �
ber_get_next
ldap_read: want=8 error=Resource temporarily unavailable
daemon: activity on 1 descriptor
daemon: activity on:
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
conn=0 op=0 do_bind
ber_scanf fmt ({imt) ber:
ber_dump: buf=0xa0598a0 ptr=0xa0598a3 end=0xa0598d4 len=49
��0000: �60 2f 02 01 03 04 20 75 �69 64 3d 6c 61 6d 70 73 � `/.... uid=lamps �
��0010: �2c 6f 75 3d 75 73 75 61 �72 69 6f 73 2c 64 63 3d � ,ou=usuarios,dc= �
��0020: �70 69 73 6f 6c 61 72 80 �08 6c 34 77 64 30 67 67 � pisolar..userpasswor �
��0030: �30 � � � � � � � � � � � � � � � � � � � � � � � � d � � � � � � � ��
ber_scanf fmt (m}) ber:
ber_dump: buf=0xa0598a0 ptr=0xa0598ca end=0xa0598d4 len=10
��0000: �00 08 6c 34 77 64 30 67 �67 30 � � � � � � � � � � ..userpassword � � � �
>>> dnPrettyNormal: <uid=lamps,ou=usuarios,dc=pisolar>
=> ldap_bv2dn(uid=lamps,ou=usuarios,dc=pisolar,0)
<= ldap_bv2dn(uid=lamps,ou=usuarios,dc=pisolar)=0�
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=lamps,ou=usuarios,dc=pisolar)=0�
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=lamps,ou=usuarios,dc=pisolar)=0�
<<< dnPrettyNormal: <uid=lamps,ou=usuarios,dc=pisolar>, <uid=lamps,ou=usuarios,dc=pisolar>
do_bind: version=3 dn="uid=lamps,ou=usuarios,dc=pisolar" method=128
==> bdb_bind: dn: uid=lamps,ou=usuarios,dc=pisolar
bdb_dn2entry("uid=lamps,ou=usuarios,dc=pisolar")
=> bdb_dn2id("dc=pisolar")
<= bdb_dn2id: got id=0x1
=> bdb_dn2id("ou=usuarios,dc=pisolar")
<= bdb_dn2id: got id=0xb
=> bdb_dn2id("uid=lamps,ou=usuarios,dc=pisolar")
<= bdb_dn2id: got id=0x10
entry_decode: "uid=lamps,ou=usuarios,dc=pisolar"
<= entry_decode(uid=lamps,ou=usuarios,dc=pisolar)
=> access_allowed: auth access to "uid=lamps,ou=usuarios,dc=pisolar" "userPassword" requested
=> acl_get: [1] attr userPassword
=> slap_access_allowed: result not in cache (userPassword)
=> acl_mask: access to entry "uid=lamps,ou=usuarios,dc=pisolar", attr "userPassword" requested
=> acl_mask: to value by "", (=0)�
<= check a_dn_pat: cn=admin,dc=pisolar
<= check a_dn_pat: anonymous
<= acl_mask: [2] applying none(=0) (stop)
<= acl_mask: [2] mask: none(=0)
=> slap_access_allowed: auth access denied by none(=0)
=> access_allowed: no more rules
send_ldap_result: conn=0 op=0 p=3
send_ldap_result: err=49 matched="" text=""
send_ldap_response: msgid=1 tag=97 err=49
ber_flush2: 14 bytes to sd 13
��0000: �30 0c 02 01 01 61 07 0a �01 31 04 00 04 00 � � � � 0....a...1.... � �
ldap_write: want=14, written=14
��0000: �30 0c 02 01 01 61 07 0a �01 31 04 00 04 00 � � � � 0....a...1.... � �
daemon: activity on 1 descriptor
daemon: activity on: 13r
daemon: read active on 13
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
connection_get(13)
connection_get(13): got connid=0
connection_read(13): checking for input on id=0
ber_get_next
ldap_read: want=8, got=7
��0000: �30 05 02 01 02 42 00 � � � � � � � � � � � � � � � 0....B. � � � � ��
ber_get_next: tag 0x30 len 5 contents:
ber_dump: buf=0xa0039c0 ptr=0xa0039c0 end=0xa0039c5 len=5
��0000: �02 01 02 42 00 � � � � � � � � � � � � � � � � � � ...B. � � � � � ��
ber_get_next
ldap_read: want=8, got=0
ber_get_next on fd 13 failed errno=0 (Success)
connection_read(13): input error=-2 id=0, closing.
connection_closing: readying conn=0 sd=13 for close
daemon: activity on 1 descriptor
daemon: activity on:
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
connection_close: deferring conn=0 sd=13
conn=0 op=1 do_unbind
connection_resched: attempting closing conn=0 sd=13
connection_close: conn=0 sd=13
daemon: removing 13
daemon: activity on 1 descriptor
daemon: activity on:
slap_listener_activate(8):�
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 busy
>>> slap_listener(ldap:///)
daemon: activity on 1 descriptor
daemon: activity on:
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
I tried to set a lot of different config syntaxes at squid.conf, but it always come to the same kind of problem at slapd debug: After reading the user CN and his password, slapd fails to read something else (ldap_read: want=8 error=Resource temporarily unavailable) and then it doesn't authenticates.�
What I'm doing wrong? Is there any problem with my openldap server? With squid? =(
I'd like to thank you all in advance for any support, and say sorry for my broken english. =D