Re: proxy_auth

From: Robert Franklin <R.C.Franklin@dont-contact.us>
Date: Fri, 5 Mar 1999 11:28:06 +0000 (GMT Standard Time)

On Fri, 5 Mar 1999 19:16:53 +1300 (NZDT) David Zanetti
<dave2@earthling.net> wrote:

> On Fri, 5 Mar 1999, Steven Sporen wrote:
>
> > Does squid re-authenticate (using proxy_auth) at regular intervals?
> > Could I implement a time bassed access system on squid? It
> > looks to me like once a user has authenticated then the user is
> > granted access.
>
> [squid.conf]
> # TAG: authenticate_ttl
> # The time a checked username/password combination remains cached
> # (default 3600). If a wrong password is given for a cached user,
> # the user gets removed from the username/password cache forcing
> # a revalidation.
> #
> #authenticate_ttl 3600

I think that's different, isn't it... doesn't that just let squid cache
the results of the authenticate_program?

I believe the username/password is resent with each HTTP method, so
effectively the user is reauthenticated (based on all the 'acl' rules)
when each object is fetched, data sent, etc.

  - Bob

----------------------------------------------------------------------------
  The Day Today ... because FACT times IMPORTANCE equals NEWS!
----------------------------------------------------------------------------
  Bob "Mince" Franklin ~{], CNE ;), MCSE ;) Tel. (0118) 931 8432
  Systems and Communications Fax. (0118) 975 3094
  IT Services R.C.Franklin@reading.ac.uk
  University of Reading, U.K. http://www.reading.ac.uk/~suq96rcf/
----------------------------------------------------------------------------
Received on Fri Mar 05 1999 - 04:52:15 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:45:08 MST