On fre, 2008-05-23 at 22:02 -0400, Tuc at T-B-O-H.NET wrote:
> 1) If the auth_param basic timetolive is (for example) 120 minutes,
> and 10 minutes after the client authenticates the ID is deleted, they'll
> still get 110 minutes of browsing time, correct?
Correct.
> 2) I did a quick look at the module, and while I'm far from a C
> programmer, it doesn't appear that you look for anything from the response
> except "Access-Accept" (PW_AUTHENTICATION_ACK). If this is true, has any thought
> been given, if it isn't somewhere already and I missed it, to abiding by the
> "Session-Timeout" parameter?
It hasn't been discussed before.
> Is it even possible given the rest of squid to
> keep track of a "timetolive" per connection, or would another helper or a
> custom helper need to be written to address this?
Squid will need to be modified slightly to enable basic auth helpers to
return the session timeout, but it's not a big change.
Regards
Henrik
This archive was generated by hypermail 2.2.0 : Tue Aug 05 2008 - 01:05:14 MDT