Re: [squid-users] Authentication Rewrite

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Sun, 11 Nov 2001 00:09:10 +0100

The bug you refer to is a minor issue toat can occur while a user is
being reauthenticated.

authenticate_ip_ttl is only related to how long the IP address is sticky
for the user, nothing else.

Regards
Henrik Nordström
Squid Hacker

Henk-Jan Kloosterman wrote:
>
> The mean reason I want to shorten it is "security"
>
> > Yes that rings a small bell and I think it has been fixed, but I fail to
> > see any connection what so ever with athenticate_ip_ttl.
> In 2.4stable or 2.5?
>
> >
> > Regards
> > Henrik
> >
> > Henk-Jan Kloosterman wrote:
> > >
>
> I was under the impresseion that there is a relation between the
> authenticate_ttl and authenticate_ip_ttl
> I want my "secure_id" users not to be able to "share" a username/password.
>
> That is why I set the authenticate_ip_ttl_is_strict to off
Received on Sun Nov 11 2001 - 01:29:03 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:04:02 MST