On Mon, 5 Jan 2004, Andrew Nelson wrote:
> > > I'm sure you know about authenticate_ttl and all about the way squid
> > > caches auth detail so it doesn't have to keep bothering the client...
> >
> >This has nothing at all to do with the client.
>
> By client, I meant browser - and it does!
So do I.
authenticate_ttl has nothing what so ever to do with the browser. It only
controls the interaction between Squid and the specified auth helper Squid
is using to verify the validity password.
> So during the time between squid sending the browser a 407 (or checking
> the details from the auth header) where does it store the list of
> client addresses or whatever (authenticating programs) that are ok?
> Where does squid store this and how ?
Squid sends a 407 if authentication is requred and the request does not
carry valid login credentials in its headers.
Between requests Squid stores:
Login
Password
Last time the password was verified to be correct
to avoid having to ask the helper on each and every request
if the password is still valid.
And to support the max_user_ip ACL there is also a list of IP addresses
from where this login has been seen and when there last was seen an
authenticated request as this user from that IP address.
Regards
Henrik
Received on Mon Jan 05 2004 - 06:21:39 MST
This archive was generated by hypermail pre-2.1.9 : Sun Feb 01 2004 - 12:00:03 MST