Re: [squid-users] Authentication

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Wed, 14 Jan 2004 23:17:14 +0100 (CET)

On Wed, 14 Jan 2004 trainier@kalsec.com wrote:

> Using basic_auth with htpasswd files and would like to know if there's a
> way to:
> 1.) Expire passwords in squid, somehow.

Only if your helper supports password expiry. The NCSA helper does not,
but should be trivial to add.

You can also have something deleting expired users from the active
password file.

My gut feeling is that this is best implemented via an external ACL (with
very short negative ttl), blocking users with expired password access
sending them to a change password page instead.

It is also possible to make use of the message string from the
authentication helper to indicate that the password has expired but this
is less obvious to the users.

> 2.) Allow the users to change their passwords.

This has to be done via other means than Squid as HTTP does not have a
"Change password" method. See the Squid FAQ for some suggestions on how
this can be done.

Regards
Henrik
Received on Wed Jan 14 2004 - 15:17:25 MST

This archive was generated by hypermail pre-2.1.9 : Sun Feb 01 2004 - 12:00:06 MST