RE: [squid-users] Password resuse

From: Prasanta kumar Panda <prasanta.kumar@dont-contact.us>
Date: Wed, 12 Feb 2003 09:59:19 +0530

Hi Khiz

Don't use "strict" then.

For 2.4
authenticate_ip_ttl_is_strict off

For 2.5
Don't use "-s" for "max_user_ip".

This will prompt for a second time password every time the IP gets
changed. If some one else is using the username/password of your (valid
user) the (valid user) will be prompted for password frequently which
will make him not to share his credential to other. But this will not
help if you have some sort of tools where you can hardcode the
credential.
Reg.
Prasanta

-----Original Message-----
From: khiz code [mailto:khizcode@yahoo.com]
Sent: Tuesday, February 11, 2003 7:23 PM
To: Prasanta kumar Panda; squid-users@squid-cache.org
Subject: RE: [squid-users] Password resuse

thanks for the reply
well this will bind the user to that specific IP address
what if the (valid user) were to move to another PC during that period
itself .. i guess im talking non sense

henrick ..any pointers ???

TIA KHiz

--- Prasanta kumar Panda <prasanta.kumar@wipro.com> wrote:
>
>
> Hi Khiz
>
> If using 2.4 squid:
> Just set the time for "authenticate_ip_ttl" and make
> "authenticate_ip_ttl_is_strict" on ( is default)
> Ex:
> authenticate_ip_ttl 2 hour
> authenticate_ip_ttl_is_strict on
>
> For 2.5 Squid
>
> authenticate_ip_ttl_is_strict option is served by "acl aclname
> max_user_ip [-s] number"
>
> Use this acl to match and then deny the request. Also you can give a
> custom error page as supported by 2.5
>
> Reg.
> Prasanta
>
>
>
> -----Original Message-----
> From: khiz code [mailto:khizcode@yahoo.com]
> Sent: Tuesday, February 11, 2003 6:20 PM
> To: squid-users@squid-cache.org
> Subject: [squid-users] Password resuse
>
>
> Hie gurus
>
> i ve got a peculiar requirement
>
> after a user authenticates himeslf to squid (using any of the
> available
> mechanisms) i need to be able to restrict the user to that particular
> machine as such time that he is browsing using that machine. SO
during
> such time , no other user should be able to use the same user name and
> password on some other machine ..
>
>
> however once he has logged off (??) , the user name and password can
> be re used on some other machine
>
> I know this is more of a policy issue, wherein passwods should not be

> revealed, but wondering if Technology could do the rescue act :-0)
>
> Thanks in advance
> khiz
>
>
>
>
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Shopping - Send Flowers for Valentine's Day
> http://shopping.yahoo.com
> >
**************************Disclaimer************************************
**************
>
>
> Information contained in this E-MAIL being proprietary to Wipro
> Limited is 'privileged' and 'confidential' and intended for use only
> by the individual or entity to which it is
> addressed. You are notified that any use, copying or dissemination of
the
> information
> contained in the E-MAIL in any manner whatsoever is strictly
prohibited.
>
>
************************************************************************
****************
>
>
>
>

__________________________________________________
Do you Yahoo!?
Yahoo! Shopping - Send Flowers for Valentine's Day
http://shopping.yahoo.com

**************************Disclaimer************************************

Information contained in this E-MAIL being proprietary to Wipro Limited is
'privileged' and 'confidential' and intended for use only by the individual
 or entity to which it is addressed. You are notified that any use, copying
or dissemination of the information contained in the E-MAIL in any manner
whatsoever is strictly prohibited.

***************************************************************************

Received on Tue Feb 11 2003 - 21:29:29 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:20 MST