[squid-users] Squid Single Login Only

From: rex_ray . <rex_ray_at_sify.com>
Date: Sat, 3 Sep 2011 17:47:55 +0530

I have the following doubt(or requirement) regarding Squid Proxy
Authentication.

1. User should be able to browse from a single ip only i.e no
concurrent logins. (Achieved this with the help
of 'authenticate_ip_ttl' & 'max_user_ip' directives)

2. If that user closes his browser, he should be able to authenticate
from a new ip or system. (I only get a 'Access Denied'
message when attempting login from a new machine or ip which I guess
results from the 'authenticate_ip_ttl' directive)

 Can somebody point what am doing wrong here. Advance thanks for your help.

My 'squid.conf' authentication related parameters are as given below,

auth_param basic program /usr/lib/squid/squid_ldap_auth -R -b
"dc=example,dc=com" -D "cn=Manager,dc=example,dc=com" -w
"ldapadminpass" -f "uid=%s" -h ldap.server
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
authenticate_ip_ttl 2 hours
acl ip_limit max_user_ip -s 1
acl ldapauth proxy_auth REQUIRED
http_access deny ip_limit
http_access allow ldapauth
http_access deny all
Received on Sat Sep 03 2011 - 12:18:03 MDT

This archive was generated by hypermail 2.2.0 : Sat Sep 03 2011 - 12:00:02 MDT