I have installed ClearOS 7 Professional with configured proxy, but the problem is that users can log in using their user in capital letters, that way they get browsing privileges that they do not have, I do not know if I explain myself?
The users are created with lowercase letters
But users instead of using lowercase letters use capital letters to tease the rules.
Example
User: pedros pass: 4567
The rules apply, but ...
Using
User: PEDROS pass 4567
When logerse with capital letters can navigate on any page, someone has an idea how to remember this?
The users are created with lowercase letters
But users instead of using lowercase letters use capital letters to tease the rules.
Example
User: pedros pass: 4567
The rules apply, but ...
Using
User: PEDROS pass 4567
When logerse with capital letters can navigate on any page, someone has an idea how to remember this?
Location [ View Larger Map ]
Share this post:
Responses (7)
-
Accepted Answer
I have tried testing for this and I cannot reproduce. What I've done is:
1 - Install Proxy and Content Filter
2 - Set Proxy to Transparent Mode = Disabled; User Authentication = Enabled; NTLM Mode = Disabled
3 - Configure browser to use ClearOS_LAN_IP and port 8080 as its proxy
4 - With user=test, pass=test browsed to www.virginmedia.com - success
5 - In the content filter App Policies > Banned Sites added www.virginmedia.com
6 - Tried browsing to www.virginmedia.com - blocked
7 - Tried user names Test, tesT and TEST. All authenticated with the proxy but were blocked from www.virginmedia.com
To me this is showing username authentication is case insensitive and the Content Filter worked.
Is this your set up or do you use NTLM Authentication? -
Accepted Answer
I have no way of checking any system at the moment, but have a read of this and look for the "casesensitive" section. I don't know if ClearOS uses case sensitivity for users, but if you just use lower case you could try setting it to "on", or of it is already "on", try turning it off. It probably goes in a file /etc/squid.conf or in a subfolder of /etc, but try a "locate squid.conf" to see if you can find it.
If you try anything and it works, please report back. -
Accepted Answer
-
Accepted Answer
Nick Howitt wrote:
Are you using the Content Filter as well? if so, what is the default policy? Block or something else.
Default Policy imageAttachments:
-
-
Accepted Answer
-
Accepted Answer
Nick Howitt wrote:
Are you using the Content Filter as well? if so, what is the default policy? Block or something else.
thanks for answering, but I do not have the active filter, only the proxy and the application policies, what I do not understand is because it allows the login of the uppercase in the web proxy. You should not allow, because users are created with lowercase. -
Accepted Answer
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »