David (Dave) Donnan wrote:
> Hello squid users. Is anyone able to help me, please ?
>
> I mistakenly thought I was clever and could force users to logout of
> squid by changing the realm and immediately restarting the server.
> I even thought I could do this with a small cron job, say, 4 times a day.
>
> Background:
>
> http://httpd.apache.org/docs/1.3/howto/auth.html
>
> so that if other resources are requested *from the same realm*, the
> same username and password can be returned to authenticate
>
> Re-creation:
>
> 1. HTTP authenticate
> 2. delta squid.conf, specifically, auth_param basic realm *Change Realm *
> 3. service squid restart
> 4. F5 refresh
>
> However, I surf seamlessly without the HTTP BASIC prompt.
>
> Should this not work ?
A requested realm is sent by Squid, but any realm may come back. If the
Basic authenticator verifies the full realm/username/password trio sent
from client, Squid will accept them as valid and store for future
lookups. AFAIK the realm config option in Squid is just to have
something Squid can suggest in a 407 before the authenticator gets involved.
I would think it possible that browsers might ignore the realm, and try
to use any known user/pass they already have before bothering the user
with annoying popups.
Amos
-- Please be using Current Stable Squid 2.7.STABLE6 or 3.0.STABLE16 Current Beta Squid 3.1.0.10 or 3.1.0.11Received on Tue Jul 21 2009 - 11:04:02 MDT
This archive was generated by hypermail 2.2.0 : Tue Jul 21 2009 - 12:00:03 MDT