authentication with time out

        I am trying to put a time limit on Internet access at the
library. Because we are in great need of this I though if I could
simply use the authentication mechanism built into Squid it would be
good. I'm working with some others on a program that will have a
complete PC login, but that has a lot of work left.
        I realize that the following program below will not work for
real because the table is embedded in the program and when forked the
processes would be inconsistent. (unless authentication from the same
machine is always to the same forked process) Still I thought that if
I limited myself to one proxy_authentication process it would work for
testing (it seems to). Eventually I will use this program except with
a MySQL database to keep track of users (not written) and a routine to
verify the user/passwords using library card number (written but
unusable outside of this library).

Here is what I need help with:

Is there a way to set up a form so I can redirect patrons to a
login/logout page that will tell them what's happening instead of just
the authentication box? I believe I saw someone on the list ask a
similar question but I never found the answer. I have more or less
complete control of all servers and browsers.

How often does squid actually send data to the authentication program?
When will a browser actually send the data to squid? Does it make
sense to turn off or turn down the browser's cache? What effect will
that have.

The ideal would be for our patrons to log out, but if they walk away
from a machine without logging out or closing it I would like to be
able to require reauthentication after a lack of use - even if they
are still withing their timelimit? Is there a way to make two minute
warning pop-up when I'm about to kick them off?

I included my testing code below. I can send it again when I get it
working with MySQL if anyone is interested. As is is should work fine
with any PERL database inteface. (The MySQL is to let staff do
statistics with excel and access.)

Is Authentication changing radically in any future versions of Squid
which would make this a waster of my time?
        

-- 
Josh Kuperman                       
josh@saratoga.lib.ny.us
Saratoga Springs Public Library 
#!/usr/bin/perl 
$|=1;
# never set a timelimit over 2 minute for testing
$TIMELIMIT = 100;
%database = ();
while (<>) {
    if (/(\w{4})\ (\w{8})/) {
	$user = $1;
	$password =$2;
	$nowis = localtime(time);
	if (! $database{$user}) { $database{$user} = time; }
	$timeused = time - $database{$user} ;
	$yourstart = localtime($database{$user});
	if ($timeused < $TIMELIMIT ){  print "OK\n";}
	else {  print "ERR\n";	}
    } else { print "ERR\n";  }
}
exit 0;