I'm now thinking that this won't work too well - even if the browser dumps
the password when asked for a new one the authentication program still won't
know the difference between a browser "timing out" and a browser being
restarted - so when first starting up it'll reject the first password given.
Bugger
Robert Thiem
> -----Original Message-----
> From: Thiem, Robert [SMTP:thiemr@dpi.qld.gov.au]
> Sent: Thursday, April 27, 2000 10:36 AM
> To: 'squid-users@ircache.net'
> Subject: authentication module programming question
>
> Hi all,
>
> I'm in the process of trying to get my perfect (for me, anyway)
> authentication program to work and have a question about the
> authenticate_ttl timeout.
>
> I'm trying to get an inactivity timeout to work, implemented through an
> auth
> module.
>
> The way I figure it if I set the authenticate_ttl to something reasonably
> small (eg 600 seconds) and have the authentication program send back an
> ERR
> if it hasn't been asked for a particular user's password in, for example,
> half an hour (determined by some argument) then squid should ask the
> browser
> for a new password.
>
> Does this sound workable?
>
> Robert Thiem
> Queensland Dept Of Primary Industries,
> Brisbane Australia
Received on Wed Apr 26 2000 - 23:31:06 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:53:04 MST