[squid-users] Persistent Proxy-Authentication

From: Ben Herrick <bherrick@dont-contact.us>
Date: Wed, 2 Jan 2002 17:42:41 -0600 (CST)

Hey Everyone,
        I am in the process of setting up a proxy for my company and have
run into some minor difficulty. Most of the users here use Windows
9x/NT/2k and Internet Explorer 5.0 - 6.0 to surf the net. I have set up a
squid proxy for the company to use that requires them to log in. Login's
are validated against an MSNT domain controller.

The validation works fine, the only problem that I have is that subsequent
browser instances cause the user to have to log in again. For example, if
user "fbarr" logs in successfully in the morning and then opens up another
browser window by double clicking IE on the desktop, they are asked to
log in again, even though the initial IE instance may still be running.
The same problem happens if they open HTML email in Outlook 2000. Even if
they are running IE, they are asked to log in to the proxy again. This
seems like an IE bug to me, but I am wondering if there is any way to
work around it with squid.

Is it possible to validate a user:ip pair and keep it validated all day?
We use DHCP here, but the timeout value is long enough where users IP
numbers do not change for more than 24 hours. Dial-up users are not a huge
concern as most of our users use VPN with static IP->user mappings.

Any suggestions on how this could be achieved would be most welcome.
Thanks in advance.

-- 
Ben Herrick
System Administrator
Globalcom, Inc.
333 West Wacker Drive Suite 1500
Chicago, Il 60606-1231
Phone: 312.893.0176
Pager: 800.205.7564
Fax: 312.492.1414
Service: 800.589.1531
mailto:bherrick@global-com.com
Received on Wed Jan 02 2002 - 16:36:28 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:36 MST