Re: [squid-users] How change timeout of retention user / password

From: Henrik Nordstrom <hno@dont-contact.us>
Date: 09 May 2003 15:45:30 +0200

fre 2003-05-09 klockan 14.28 skrev Stefano Mason:

> Squid seems to remember for 3 minutes the pair user/password and also if
> the LDAP password change during this period I allow to access to squid
> by old password and not by the new.

Yes, Squid remembers the old password as valid for some time, but as
soon as it sees a request using the new password it should forget about
the old one and remember the new instead.

Checking.. yes it still works this way.

> Squid seems to cache also user/password authentication for about 3 minuts.
>
> Is possible to change this behaviour?

How long Squid remembers a password valid is set by the credentials ttl
in squid.conf auth_param basic. Squid will not verify with the LDAP
password if the same password is still valid for this length of time.
However, if another password is received by Squid it will verify this
with the LDAP server

Regards
Henrik

-- 
Donations welcome if you consider my Free Squid support helpful.
https://www.paypal.com/xclick/business=hno%40squid-cache.org
Please consult the Squid FAQ and other available documentation before
asking Squid questions, and use the squid-users mailing-list when no
answer can be found. Private support questions is only answered
for a fee or as part of a commercial Squid support contract.
If you need commercial Squid support or cost effective Squid and
firewall appliances please refer to MARA Systems AB, Sweden
http://www.marasystems.com/, info@marasystems.com
Received on Fri May 09 2003 - 07:45:35 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:16:30 MST