> From: Steve Thomas [SMTP:stephen.thomas@adelaide.edu.au]
>
> Maybe I've misunderstood something, but the authenticate_ttl parameter
> in squid.conf seems to be ignored.
>
You do misunderstand.
> If I've understood things, this should "expire" a username/password
> after the indicated period (default 3600 -- seconds?) and require the
> user to re-authenticate themselves. But this doesn't happen.
>
Any such expiry can only be implemented by the browser.
Browsers will normally send the user and password with
every request from when it is accepted to when the
browser is shut down. The squid expiry only affects
how often squid updates its working copy of the correct
values to see in requests.
Where the squid value would make a difference would be if
you continually changed the password. It would then
define the maximum time before the user was challenged
for the *new* password.
Received on Fri Sep 24 1999 - 10:55:17 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:48:33 MST