SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264
|Anonymous | Login||2019-04-25 06:00 UTC|
|Main | My View | View Issues | Change Log | Roadmap|
|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0001616||Endian Firewall||Proxy HTTP||public||2009-02-24 14:19||2010-01-21 18:17|
|Status||closed||Resolution||no change required|
|Target Version||future||Fixed in Version|
|Summary||0001616: Dansguardian should enable ntlm authplugin when using ntlm auth in squid|
|Description||By default when enabling NTLM Proxy username are not passed to dansguardian.|
The only auth plugin enabled by default is ip.conf
When enabling NTLM Proxy auth dansguardian.conf should uncomment proxy-basic and proxy-ntlm in auth plugins section.
This way we can see which username got blocked in the Content Filter logs.
|Additional Information||Workaround: manually uncomment |
authplugin = '/etc/dansguardian/authplugins/proxy-basic.conf'
authplugin = '/etc/dansguardian/authplugins/proxy-ntlm.conf'
in /etc/dansguardian/dansguardian.conf.tmpl and restart danguardian.
Now you should see the usernames in the content filter logs.
|Tags||No tags attached.|
|will test it with 2.3, but am not shure if it is compatible with the ip auth we use for multiple dansguardian profiles.|
needs definitely the localip patch implemented also for ntlm authplugin. currently it is made only for ip authplugin.
I'm also unsure if it's really necessary to use NTLM here, since authentication already has been done. It's only about the username and the username will always be passed to the parent (login=*:password) since it is a normal proxy-auth header.
It's also to check if squid would pass the whole NTLM header to dansguardian.
|dansguardian does not know anything about NTLM.|
|2009-02-24 14:19||bonald||New Issue|
|2009-02-24 14:19||bonald||Assigned To||=> simon-endian|
|2009-06-08 17:45||simon-endian||Note Added: 0002506|
|2009-06-08 17:45||simon-endian||Status||new => assigned|
|2009-06-09 20:20||peter-endian||Relationship added||child of 0001921|
|2009-06-11 15:14||peter-endian||Note Added: 0002585|
|2009-09-03 17:23||peter-endian||Relationship deleted||child of 0001921|
|2009-11-25 17:34||peter-endian||Target Version||=> future|
|2010-01-21 18:17||peter-endian||Note Added: 0003689|
|2010-01-21 18:17||peter-endian||Status||assigned => closed|
|2010-01-21 18:17||peter-endian||Resolution||open => no change required|
|Copyright © 2000 - 2012 MantisBT Group|