Re: [squid-users] squid_radius_auth - How long?

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Sat, 24 May 2008 15:31:54 +1200

Tuc at T-B-O-H.NET wrote:
>> On fre, 2008-05-23 at 22:02 -0400, Tuc at T-B-O-H.NET wrote:
>>
>>> Is it even possible given the rest of squid to=20
>>> keep track of a "timetolive" per connection, or would another helper or a
>>> custom helper need to be written to address this?
>> Squid will need to be modified slightly to enable basic auth helpers to
>> return the session timeout, but it's not a big change.
>>
> Ok, great, really appreciate the replies. I don't know that any
> of the other authentication systems have a potential notion of a session
> timeout (NCSA, POP spring to mind) so I'm not sure it would be something
> on anyones priority list. Same for some of the other things Radius can
> request timeouts/limits on (Idle-Timeout, VSAs of Input/Output/Total Octets).
> Some of these lead into needing "Accounting Records" so it can easily get
> out of hand. :)

The RADIUS helper bundled with squid is still in need of updates to
handle the NexGen (IPv6) updates in the RADIUS protocol.

If you are willing to do or sponsor someone doing a new helper, it may
be easy to specify result caching inside it according to protocol
'session' timeouts as well.

Amos

-- 
Please use Squid 2.6.STABLE20 or 3.0.STABLE6
Received on Sat May 24 2008 - 03:31:58 MDT

This archive was generated by hypermail 2.2.0 : Tue Aug 05 2008 - 01:05:14 MDT