.if !'po4a'hide' <squid-dev@squid-cache.org>
.
.SH SEE ALSO
-.if !'po4a'hide' .B squid "(8), "
-.if !'po4a'hide' .B ldapsearch "(1), "
+.if !'po4a'hide' .BR squid "(8), "
+.if !'po4a'hide' .BR ldapsearch "(1), "
+.if !'po4a'hide' .BR GPL "(7), "
.br
Your favorite LDAP documentation.
.br
.BR RFC2254 " - The String Representation of LDAP Search Filters,"
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
+
.if !'po4a'hide' <squid-dev@squid-cache.org>
.
.SH SEE ALSO
-.if !'po4a'hide' .B squid "(8), "
-.if !'po4a'hide' .B htpasswd "(1)"
+.if !'po4a'hide' .BR squid "(8), "
+.if !'po4a'hide' .BR htpasswd "(1), "
+.if !'po4a'hide' .BR GPL "(7), "
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
+
.if !'po4a'hide' .BR pam.conf "(5), "
.if !'po4a'hide' .BR chown "(1), "
.if !'po4a'hide' .BR chmod "(1), "
+.if !'po4a'hide' .BR GPL "(7), "
.br
PAM Systems Administrator Guide
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
+
.if !'po4a'hide' <squid-dev@squid-cache.org>
.
.SH SEE ALSO
-.if !'po4a'hide' .B squid "(8) "
+.if !'po4a'hide' .BR squid "(8), "
+.if !'po4a'hide' .BR GPL "(7), "
.br
.BR RFC2058 " - Remote Authentication Dial In User Service (RADIUS)"
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
+
.if !'po4a'hide' .BR shadow "(5), "
.if !'po4a'hide' .BR chown "(1), "
.if !'po4a'hide' .BR chmod "(1), "
+.if !'po4a'hide' .BR GPL "(7), "
.br
The Squid FAQ wiki
.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
basic_sspi_auth_SOURCES = basic_sspi_auth.cc valid.cc valid.h
basic_sspi_auth_LDADD = \
+ -L$(top_builddir)/lib -lsspwin32 \
$(COMPAT_LIB) \
- -lnetapi32 -ladvapi32 -lsspwin32 \
+ -lnetapi32 -ladvapi32
$(XTRA_LIBS)
-EXTRA_DIST = readme.txt config.test
+man_MANS = basic_db_auth.8
+EXTRA_DIST = basic_sspi_auth.8 config.test
--- /dev/null
+.if !'po4a'hide' .TH basic_sspi_auth 8
+.
+.SH NAME
+.if !'po4a'hide' .B basic_sspi_auth
+.if !'po4a'hide' \-
+Basic authentication protocol
+.PP
+Version 2.0
+.
+.SH SYNOPSIS
+.if !'po4a'hide' .B basic_sspi_auth
+.if !'po4a'hide' .B "[\-d] [\-A "
+Group Name
+.if !'po4a'hide' .B "] [\-D "
+Group Name
+.if !'po4a'hide' .B "] [\-O "
+Default Domain
+.if !'po4a'hide' .B "]"
+.
+.SH DESCRIPTION
+.B basic_sspi_auth
+is a simple authentication module for the Squid proxy server running on Windows NT
+to authenticate users on an NT domain in native WIN32 mode.
+.
+.PP
+Usage is simple. It accepts a username and password on standard input
+and will return OK if the username/password is valid for the domain/machine,
+or ERR if there was some problem.
+It's possible to authenticate against NT trusted domains specifyng the username
+in the domain\\username Microsoft notation.
+.
+.SH OPTIONS
+.if !'po4a'hide' .B basic_sspi_auth
+.if !'po4a'hide' .B \-d
+Write debug info to stderr.
+.if !'po4a'hide' .B \-A
+A Windows Local Group name allowed to authenticate.
+.if !'po4a'hide' .B \-D
+A Windows Local Group name not allowed to authenticate.
+.if !'po4a'hide' .B \-O
+The default Domain against to authenticate.
+.
+.SH CONFGURATION
+.PP Allowing Users.
+Users that are allowed to access the web proxy must have the Windows NT
+User Rights "logon from the network" and must be included in the NT LOCAL User Groups
+specified in the Authenticator's command line.
+.PP
+This can be accomplished creating a local user group on the NT machine, grant the privilege,
+and adding users to it.
+.
+.PP
+You will need to set the following line in
+.B squid.conf
+to enable the authenticator:
+.if !'po4a'hide' .RS
+.if !'po4a'hide' auth_param basic program c:/squid/libexec/basic_sspi_auth.exe [options]
+.if !'po4a'hide' .RE
+.
+.PP
+You will need to set the following lines in
+.B squid.conf
+to enable authentication for your access list -
+.if !'po4a'hide' .RS
+.if !'po4a'hide' acl aclName proxy_auth REQUIRED
+.if !'po4a'hide' http_access allow aclName
+.if !'po4a'hide' .RE
+.
+.PP
+You will need to specify the absolute path to
+.B basic_sspi_auth
+in the
+.B "auth_param basic program"
+directive.
+.
+.SH TESTING
+.PP
+I strongly urge that
+.B basic_sspi_auth
+is tested prior to being used in a
+production environment. It may behave differently on different platforms.
+To test it, run it from the command line. Enter username and password
+pairs separated by a space. Press ENTER to get an OK or ERR message.
+Make sure pressing
+.B CTRL-D
+ behaves the same as a carriage return.
+Make sure pressing
+.B CTRL-C
+ aborts the program.
+.PP
+Test that entering no details does not result in an OK or ERR message.
+.
+Test that entering an invalid username and password results in an ERR message.
+.
+Note that if NT guest user access is allowed on the PDC, an OK message
+may be returned instead of ERR.
+.
+Test that entering an valid username and password results in an OK message.
+.
+Test that entering a guest username and password returns the correct
+response for the site's access policy.
+.
+.SH AUTHOR
+This program was written by
+.if !'po4a'hide' .I Guido Serassio <guido.serassio@acmeconsulting.it>
+.PP
+Based on prior work by
+.if !'po4a'hide' .I Antonino Iannella (2000)
+.if !'po4a'hide' .I Andrew Tridgell (1997)
+.if !'po4a'hide' .I Richard Sharpe (1996)
+.if !'po4a'hide' .I Bill Welliver (1999)
+.PP
+This manual was written by
+.if !'po4a'hide' .I Guido Serassio <guido.serassio@acmeconsulting.it>
+.if !'po4a'hide' .I Amos Jeffries <amosjeffries@squid-cache.org>
+.
+.SH COPYRIGHT
+This program and documentation is copyright to the authors named above.
+.PP
+Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
+.
+.SH QUESTIONS
+Questions on the usage of this program can be sent to the
+.I Squid Users mailing list
+.if !'po4a'hide' <squid-users@squid-cache.org>
+.
+.SH REPORTING BUGS
+Bug reports need to be made in English.
+See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
+.PP
+Report bugs or bug fixes using http://bugs.squid-cache.org/
+.PP
+Report serious security bugs to
+.I Squid Bugs <squid-bugs@squid-cache.org>
+.PP
+Report ideas for new improvements to the
+.I Squid Developers mailing list
+.if !'po4a'hide' <squid-dev@squid-cache.org>
+.
+.SH SEE ALSO
+.if !'po4a'hide' .BR squid "(8), "
+.if !'po4a'hide' .BR GPL "(7), "
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
+++ /dev/null
-This is a simple authentication module for the Squid proxy server running on Windows NT
-to authenticate users on an NT domain in native WIN32 mode.
-
-Usage is simple. It accepts a username and password on standard input
-and will return OK if the username/password is valid for the domain/machine,
-or ERR if there was some problem.
-It's possible to authenticate against NT trusted domains specifyng the username
-in the domain\\username Microsoft notation.
-
-
-==============
-Program Syntax
-==============
-
-mswin_auth [-A UserGroup][-D UserGroup][-O DefaultDomain][-d]
-
--A can specify a Windows Local Group name allowed to authenticate.
--D can specify a Windows Local Group name not allowed to authenticate.
--O can specify the default Domain against to authenticate.
--d enable debugging.
-
-This is released under the GNU General Public License.
-
-
-==============
-Allowing Users
-==============
-
-Users that are allowed to access the web proxy must have the Windows NT
-User Rights "logon from the network" and must be included in the NT LOCAL User Groups
-specified in the Authenticator's command line.
-This can be accomplished creating a local user group on the NT machine, grant the privilege,
-and adding users to it.
-
-Refer to Squid documentation for the required changes to squid.conf.
-
-
-============
-Installation
-============
-
-Type 'make', then 'make install', then 'make clean'.
-
-On Cygwin the default is to install 'mswin_auth' into /usr/local/squid/libexec,
-with other Windows environments into c:/squid/libexec.
-
-Refer to Squid documentation for the required changes to squid.conf.
-You will need to set the following line to enable the authenticator:
-
-auth_param basic program /usr/local/squid/libexec/mswin_auth [options]
-
-or
-
-auth_param basic program c:/squid/libexec/mswin_auth [options]
-
-You will need to set the following lines to enable authentication for
-your access list -
-
- acl <yourACL> proxy_auth REQUIRED
- http_access allow <yourACL>
-
-You will need to specify the absolute path to mswin_auth in the
-'auth_param basic program' directive, and check the 'auth_param basic children'
-and 'auth_param basic credentialsttl'.
-
-
-==================
-Compilation issues
-==================
-
-The Makefile assumes that GCC is in the current PATH.
-mswin_auth compile ONLY on Cygwin Environment, MinGW + MSYS Environment
-or MS VC++.
-
-
-=======
-Testing
-=======
-
-I strongly urge that mswin_auth is tested prior to being used in a
-production environment. It may behave differently on different platforms.
-To test it, run it from the command line. Enter username and password
-pairs separated by a space. Press ENTER to get an OK or ERR message.
-Make sure pressing <CTRL><D> behaves the same as a carriage return.
-Make sure pressing <CTRL><C> aborts the program.
-
-Test that entering no details does not result in an OK or ERR message.
-Test that entering an invalid username and password results in an ERR message.
-Note that if NT guest user access is allowed on the PDC, an OK message
-may be returned instead of ERR.
-Test that entering an valid username and password results in an OK message.
-Test that entering a guest username and password returns the correct
-response for the site's access policy.
-
-
-===============
-Contact details
-===============
-
-To contact the maintainer of this package, e-mail on squidnt@acmeconsulting.it.
-
.if !'po4a'hide' .BR chmod "(1), "
.if !'po4a'hide' .BR nsswitch.conf "(5), "
.if !'po4a'hide' .BR getpwnam "(3), "
-.if !'po4a'hide' .BR getspnam "(3) "
+.if !'po4a'hide' .BR getspnam "(3), "
+.if !'po4a'hide' .BR GPL "(7), "
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
+
.if !'po4a'hide' <squid-dev@squid-cache.org>
.
.SH SEE ALSO
-.if !'po4a'hide' .BR squid "(8) "
+.if !'po4a'hide' .BR squid "(8), "
+.if !'po4a'hide' .BR GPL "(7), "
.br
The Squid FAQ wiki
.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
.
.SH SEE ALSO
.if !'po4a'hide' .BR squid "(8), "
-.if !'po4a'hide' .BR squid_ldap_auth "(8), "
+.if !'po4a'hide' .BR basic_ldap_auth "(8), "
.if !'po4a'hide' .BR ldapsearch "(1), "
+.if !'po4a'hide' .BR GPL "(7), "
.br
Your favorite LDAP documentation
.br
.BR RFC2254 " - The String Representation of LDAP Search Filters,"
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
.if !'po4a'hide' <squid-dev@squid-cache.org>
.
.SH SEE ALSO
-.if !'po4a'hide' .BR squid "(8)"
+.if !'po4a'hide' .BR squid "(8), "
+.if !'po4a'hide' .BR GPL "(7), "
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
.SH SEE ALSO
.if !'po4a'hide' .BR squid "(8), "
.if !'po4a'hide' .BR group "(5), "
-.if !'po4a'hide' .BR passwd "(5)"
+.if !'po4a'hide' .BR passwd "(5), "
+.if !'po4a'hide' .BR GPL "(7), "
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
+