Hello,
I posted a question last month below. However, I haven't receivedany replies.
Does anyone want to respond to this?
Thanks in advance for any comments you might have.
I investigating source code of ext_ldap_group_acl.cc below.
helpers/external_acl/LDAP_group/ext_ldap_group_acl.cc
571 rc = ldap_simple_bind_s(ld, binddn, bindpasswd);
572 if (rc != LDAP_SUCCESS) {
573 fprintf(stderr, PROGRAM_NAME ": WARNING: could not
bind to binddn '%s'\n ", ldap_err2string(rc));
574 ldap_unbind(ld);
575 ld = NULL;
576 break;
577 }
snip...
593 if (found)
594 SEND_OK("");
595 else {
596 SEND_ERR("");
597 }
Regards,
Kazuhiro
From: asak...@ioc.dnp.co.jp
Subject: [squid-users] ext_ldap_group_acl is returned ERR when LDAP bind was
fail.
Date: Wed, 23 Mar 2016 15:08:50 +0900 (JST)
> Hello,
>
> Thank you always for your kind support.
>
> I would like to ask you about SEND_ERR reply of ext_ldap_group_acl.
> In our environment, squid fail ldap_bind to LDAP server sometimes.
> Then, ext_ldap_group_acl replies "ERR". So, username is registered
> in the negative_cache.
>
> I don't want to register in the negative_cache when external_acl
> failed ldap_bind.
> I guess that to solve if ext_ldap_group_acl reply SEND_BH instead of
> SEND_ERR.
>
> I would appreciate it if you could investigate this.
>
> Regards,
> Kazuhiro
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
