Re: [squid-users] Authentication TTL

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Sat, 20 Dec 2003 01:07:38 +0100 (CET)

On Fri, 19 Dec 2003, Travis Bullock wrote:

> I have the squid up and running nicely with NCSA authentication, currently
> testing on my own XP machine with IE6. I would like the users credentials to
> expire every 15 minutes as per request from management.

This has to be done in the browser. It is not something the proxy can
address.

What happens in HTTP authentication is that the user authenticates to his
browser, the browser then reuses this authentication credentials for every
request to the proxy for as long as the browser choose.

> I set the 'auth_param basic credentialsttl' to 15 minutes, opened my browser
> and continued to surf for about 17 minutes (one of the benefits of the job I
> suppose). Unfortunately the helper never asked me to reauthenticate during
> that time.

This only controls how often Squid ask the auth helper to verify that the
password is still valid, and this is what can be controlled in the proxy.

Regards
Henrik
Received on Fri Dec 19 2003 - 17:07:46 MST

This archive was generated by hypermail pre-2.1.9 : Thu Jan 01 2004 - 12:00:18 MST