|
| 1 | +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
| 2 | +<HTML> |
| 3 | + <HEAD> |
| 4 | + <TITLE> [squid-users] Using AD groups from negotiate_kerberos_auth in ssl-bumped connections. |
| 5 | + </TITLE> |
| 6 | + <LINK REL="Index" HREF="index.html" > |
| 7 | + <LINK REL="made" HREF="mailto:squid-users%40lists.squid-cache.org?Subject=Re%3A%20%5Bsquid-users%5D%20Using%20AD%20groups%20from%20negotiate_kerberos_auth%20in%0A%20ssl-bumped%20connections.&In-Reply-To=%3CCADJd0Y0U%3D9XsygAn0kjkt5OLnAozabqtAfd_nVr-RxXUqVee7g%40mail.gmail.com%3E"> |
| 8 | + <META NAME="robots" CONTENT="index,nofollow"> |
| 9 | + <style type="text/css"> |
| 10 | + pre { |
| 11 | + white-space: pre-wrap; /* css-2.1, curent FF, Opera, Safari */ |
| 12 | + } |
| 13 | + </style> |
| 14 | + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> |
| 15 | + <LINK REL="Previous" HREF="027823.html"> |
| 16 | + |
| 17 | + </HEAD> |
| 18 | + <BODY BGCOLOR="#ffffff"> |
| 19 | + <H1>[squid-users] Using AD groups from negotiate_kerberos_auth in ssl-bumped connections.</H1> |
| 20 | + <B>Andrey K</B> |
| 21 | + <A HREF="mailto:squid-users%40lists.squid-cache.org?Subject=Re%3A%20%5Bsquid-users%5D%20Using%20AD%20groups%20from%20negotiate_kerberos_auth%20in%0A%20ssl-bumped%20connections.&In-Reply-To=%3CCADJd0Y0U%3D9XsygAn0kjkt5OLnAozabqtAfd_nVr-RxXUqVee7g%40mail.gmail.com%3E" |
| 22 | + TITLE="[squid-users] Using AD groups from negotiate_kerberos_auth in ssl-bumped connections.">ankor2023 at gmail.com |
| 23 | + </A><BR> |
| 24 | + <I>Tue Mar 3 12:06:01 UTC 2026</I> |
| 25 | + <P><UL> |
| 26 | + <LI>Previous message (by thread): <A HREF="027823.html">[squid-users] passing request body in GET requests |
| 27 | +</A></li> |
| 28 | + |
| 29 | + <LI> <B>Messages sorted by:</B> |
| 30 | + <a href="date.html#27824">[ date ]</a> |
| 31 | + <a href="thread.html#27824">[ thread ]</a> |
| 32 | + <a href="subject.html#27824">[ subject ]</a> |
| 33 | + <a href="author.html#27824">[ author ]</a> |
| 34 | + </LI> |
| 35 | + </UL> |
| 36 | + <HR> |
| 37 | +<!--beginarticle--> |
| 38 | +<PRE>Hello, |
| 39 | + |
| 40 | +I use negotiate_kerberos_auth helper and it sets the AD groups list in a |
| 41 | +group annotation attribute. |
| 42 | +It works well, but this attribute is not available in the subsequent |
| 43 | +requests in an ssl-bumped connection (it is available only in the first |
| 44 | +CONNECT request). |
| 45 | +Is it possible to make this attribute persistent in the current SSL |
| 46 | +connection? I would like to use groups from this attribute to authorize |
| 47 | +users using only "note"-type ACLs, no external helpers involved. |
| 48 | +Kind regards, |
| 49 | +Ankor. |
| 50 | +-------------- next part -------------- |
| 51 | +An HTML attachment was scrubbed... |
| 52 | +URL: <<A HREF="http://lists.squid-cache.org/pipermail/squid-users/attachments/20260303/783ffa48/attachment.htm">http://lists.squid-cache.org/pipermail/squid-users/attachments/20260303/783ffa48/attachment.htm</A>> |
| 53 | +</PRE> |
| 54 | + |
| 55 | +<!--endarticle--> |
| 56 | + <HR> |
| 57 | + <P><UL> |
| 58 | + <!--threads--> |
| 59 | + <LI>Previous message (by thread): <A HREF="027823.html">[squid-users] passing request body in GET requests |
| 60 | +</A></li> |
| 61 | + |
| 62 | + <LI> <B>Messages sorted by:</B> |
| 63 | + <a href="date.html#27824">[ date ]</a> |
| 64 | + <a href="thread.html#27824">[ thread ]</a> |
| 65 | + <a href="subject.html#27824">[ subject ]</a> |
| 66 | + <a href="author.html#27824">[ author ]</a> |
| 67 | + </LI> |
| 68 | + </UL> |
| 69 | + |
| 70 | +<hr> |
| 71 | +<a href="https://lists.squid-cache.org/listinfo/squid-users">More information about the squid-users |
| 72 | +mailing list</a><br> |
| 73 | +</body></html> |
0 commit comments