[prev in list] [next in list] [prev in thread] [next in thread] 

List:       squidguard
Subject:    RE: Usernames with spaces
From:       "Charlie Grosvenor" <charlie () cgrosvenor ! co ! uk>
Date:       2003-09-23 20:03:23
[Download RAW message or body]

I am not so sure that it is a ntlm_auth problem as I have squidguard logging
all destinations that fail and the log that it produces contains the correct
username:

2003-09-23 19:43:12 [309] Request(AllDayUsers/bl_ads/-)
http://ad.uk.doubleclick.net/adj/homepage.ukmnhp/;sz=468x60;ord=511511319616
7302? 192.168.1.219/- charlieg\charlie grosvenor
2003-09-23 19:43:12 [309] Request(AllDayUsers/bl_ads/-)
http://global.msads.net/ads/9176/0000009176_000000000000000023900.gif
192.168.1.219/- charlieg\charlie grosvenor
2003-09-23 19:43:13 [309] Request(AllDayUsers/bl_ads/-)
http://view.atdmt.com/REP/view/msnkxo2s02100129rep/direct/01/
192.168.1.219/- charlieg\charlie grosvenor 

What it is not doing it seems is passing the correct username to the cgi
script it is passing charlieg\\charlie instead of charlieg\\charlie
grosvenor. Does any body have an ideas?

In my squid access log it writes the username as
charlieg\charlie%20grosvenor does any body know if this is the correct
behaviour for  usernames with spaces. I use sarg to generate reports and it
is causing problems as the web browser translates %20 as a space and then
the web server is looking for a file with a space not a %20.

Thank you

Charlie

-----Original Message-----
From: owner-squidguard@relay1.tdcnorge.no
[mailto:owner-squidguard@relay1.tdcnorge.no] On Behalf Of Phil Foxton
Sent: 23 September 2003 11:26
To: Charlie Grosvenor
Cc: squidguard@squidguard.org
Subject: Re: Usernames with spaces

I found that problam and the only way I found around it was to use smb_auth
and edit the source (as per information from the developer).

Maybe emailing the guy who is responsible for ntlm_auth would yield results?

Regards

Phil

On Tue, 2003-09-23 at 06:51, Charlie Grosvenor wrote:
> I have squid requiring users to authenticate using an nt domain using 
> ntlm_auth. All the users on the nt domain are in the form Firstname 
> Lastname, e.g. "charlie grosvenor". I wish to use squidguard to 
> disallow access to certain sites and to restrict some users internet 
> access to certain parts of the day. The problem is that squidguard 
> only seems to pass the first part of the username to:
>  
> redirect
> http://192.168.1.250/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%
> n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
>  
> for apache logs says:
>  
> 192.168.1.250 - - [21/Sep/2003:12:45:29 +0100] "GET 
>
/cgi-bin/squidGuard.cgi?clientaddr=192.168.1.250&clientname=proxy.internal.t
estdomain.co.uk&clientuser=charlieg\\charlie&clientgroup=AllDayUsers&targetg
roup=bl_ads&url=http://solair.eunet.yu/ HTTP/1.0" 403 2622 "-" "Mozilla/4.0
(compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR
1.1.4322)"
>  
> the username is "charlieg\\charlie grosvenor" not "charlieg\\charlie"
>  
> Is there any way around this problem?
>  
> Thank you
> 
> 
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.520 / Virus Database: 318 - Release Date: 18/09/2003
--
Phil Foxton
Group Systems Manager
+44 7966 336218
+44 1908 635400


---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.520 / Virus Database: 318 - Release Date: 18/09/2003
 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.520 / Virus Database: 318 - Release Date: 18/09/2003
 

[prev in list] [next in list] [prev in thread] [next in thread]