Here is a quick, easy way to set up a simple web proxy that authenticates against an LDAP server.
- Squid Install -
Using the rpmforge repository, run 'yum install squid'.
- Locate squid_ldap_auth -
locate squid_ldap_auth ==> /usr/lib64/squid/squid_ldap_auth
- Test connection against your ldap server -
/usr/lib64/squid/squid_ldap_auth -b "dc=alouche,dc=net" -f "uid=%s" -h auth.alouche.net
myUser myPassword
OK
The helper reads a username and password from standard input. The OK it prints back shows that we can connect to the LDAP server and authenticate.
- Edit squid.conf -
Here is part of the configuration I use to set up basic LDAP authentication in Squid:
auth_param basic program /usr/lib64/squid/squid_ldap_auth -b "dc=alouche,dc=net" -f "uid=%s" -h auth.alouche.net
auth_param basic children 30
auth_param basic realm Please authenticate yourself
auth_param basic credentialsttl 1 hours
acl ldapauth proxy_auth REQUIRED
http_access allow ldapauth
Make sure http_access deny all is also still set and has not been deleted.
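One way to check the rules above before starting Squid. This is an added example, not part of the original post: check_squid_auth and write_sample_conf are hypothetical helper names, and the sample file is constructed from the lines on this page.

```shell
#!/bin/sh
# Added example: check_squid_auth FILE returns non-zero when the
# LDAP basic-auth rules in a squid.conf are incomplete or bypassable.
check_squid_auth() {
    awk '
        function fail(msg) { print "FAIL: " msg; bad = 1 }
        /^[ \t]*#/ { next }          # skip comment lines
        NF == 0    { next }          # skip blank lines
        $1 == "auth_param" && $2 == "basic" && $3 == "program" { helper = $4 }
        $1 == "acl" && $3 == "proxy_auth" && $4 == "REQUIRED" { authacl[$2] = 1 }
        $1 == "http_access" {
            n++                      # position among the http_access rules
            if ($2 == "allow" && ($3 in authacl) && !allow) allow = n
            if ($2 == "allow" && $3 == "all" && !deny)      wide = 1
            if ($2 == "deny"  && $3 == "all" && !deny)      deny = n
        }
        END {
            if (!helper) fail("no auth_param basic program line")
            if (!allow)  fail("no http_access allow for a proxy_auth REQUIRED acl")
            if (!deny)   fail("http_access deny all is missing")
            else if (allow && deny < allow)
                fail("http_access deny all precedes the authenticated allow")
            if (wide)    fail("http_access allow all admits clients without authentication")
            exit bad + 0
        }
    ' "$1"
}

# Constructed sample input: the rules from this page plus the final deny.
write_sample_conf() {
    cat > "$1" <<'EOF'
auth_param basic program /usr/lib64/squid/squid_ldap_auth -b "dc=alouche,dc=net" -f "uid=%s" -h auth.alouche.net
auth_param basic children 30
auth_param basic realm Please authenticate yourself
auth_param basic credentialsttl 1 hours
acl ldapauth proxy_auth REQUIRED
http_access allow ldapauth
http_access deny all
EOF
}
```

After sourcing the file, run check_squid_auth against your own squid.conf; it prints one FAIL line per problem and stays silent when the rules are in order.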
- Start Squid -
chkconfig squid on
service squid start
netstat -tupnl ==> should report a socket listening on tcp port 3128
- Next steps -
Either point your browser at your proxy server, where you will see the auth prompt for your LDAP username and password, or follow up by setting up an Interception Proxy.
Hope that helped,