Re: [squid-users] Password resuse

From: Henrik Nordstrom <hno@dont-contact.us>
Date: 11 Feb 2003 15:53:42 +0100

For this we have the max_user_ip acl type...

Something like this should work:

authenticate_ip_ttl 20 minutes
acl one_computer_only max_user_ip -s 1
http_access deny one_computer_only

HTTP has no notion of "log off". Instead it is simulated by a inactivity
timer (authenticate_ip_ttl).

Regards
Henrik

tis 2003-02-11 klockan 13.50 skrev khiz code:
> Hie gurus
>
> i ve got a peculiar requirement
>
> after a user authenticates himeslf to squid (using any of the available
> mechanisms) i need to be able to restrict the user to that particular machine
> as such time that he is browsing using that machine. SO during such time , no
> other user should be able to use the same user name and password on some other
> machine ..
>
>
> however once he has logged off (??) , the user name and password can be re used
> on some other machine
>
> I know this is more of a policy issue, wherein passwods should not be
> revealed, but wondering if Technology could do the rescue act :-0)
>
> Thanks in advance
> khiz
>
>
>
>
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Shopping - Send Flowers for Valentine's Day
> http://shopping.yahoo.com

-- 
Henrik Nordstrom <hno@squid-cache.org>
MARA Systems AB, Sweden
Received on Tue Feb 11 2003 - 07:53:50 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:18 MST