Bug #3330

Error when proxy is set to "authenticated"

Added by Davide Principi almost 4 years ago. Updated over 3 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-squid
Target version:v6.7
Security class: Resolution:NOTABUG
Affected version:v6.7 NEEDINFO:No

Description

Steps to reproduce

  • install nethserver-squid
  • nethserver-directory and nethserver-samba are not installed
  • set proxy mode "authenticated"
  • signal-event nethserver-squid-save

If "Authenticated" mode is selected the event nethserver-squid-save fails and the following error is reported and the event fails:

Dec  1 12:19:44 vm2 esmith::event[16051]: 2015/12/01 12:19:44| Processing Configuration File: /etc/squid/squid.conf (depth 0)
Dec  1 12:19:44 vm2 esmith::event[16051]: 2015/12/01 12:19:44| Processing: acl no_cache dstdomain "/etc/squid/acls/no_cache.acl" 
Dec  1 12:19:44 vm2 esmith::event[16051]: 2015/12/01 12:19:44| Warning: empty ACL: acl no_cache dstdomain "/etc/squid/acls/no_cache.acl" 
Dec  1 12:19:44 vm2 esmith::event[16051]: 2015/12/01 12:19:44| Processing: no_cache deny no_cache
...
Dec  1 12:19:44 vm2 esmith::event[16051]: 2015/12/01 12:19:44| Processing: acl authenticated proxy_auth REQUIRED
Dec  1 12:19:44 vm2 esmith::event[16051]: 2015/12/01 12:19:44| Can't use proxy auth because no authentication schemes are fully configured.
Dec  1 12:19:44 vm2 esmith::event[16051]: FATAL: ERROR: Invalid ACL: acl authenticated proxy_auth REQUIRED

Expected behaviour

  • nethserver-squid-save exit successfully
  • basic authentication on a realm INVALID REALM is presented to clients
  • client authentication always fail

Related issues

Related to NethServer 6 - Enhancement #3266: WPAD improvements CLOSED

Associated revisions

Revision 933e8dd1
Added by Giacomo Sanchietti over 3 years ago

Admin manual: add note for proxy. Refs #3330

History

#1 Updated by Davide Principi almost 4 years ago

#2 Updated by Giacomo Sanchietti almost 4 years ago

I suggest to hide the authenticated mode from the web interface if nethserver-directory is not installed.

#3 Updated by Filippo Carletti over 3 years ago

I'd prefer to raise an error suggesting to install nethserver-directory.
But maybe we could simply document the configuration and fix the template as suggested by Davide.

#4 Updated by Giacomo Sanchietti over 3 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Giacomo Sanchietti
  • % Done changed from 20 to 30

#5 Updated by Giacomo Sanchietti over 3 years ago

Added nethserver-directory as optional package to web proxy yum group.

#6 Updated by Giacomo Sanchietti over 3 years ago

  • Status changed from ON_DEV to CLOSED
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 30 to 100
  • Resolution set to NOTABUG

Also available in: Atom PDF