I have the following doubt(or requirement) regarding Squid Proxy
Authentication.
1. User should be able to browse from a single ip only i.e no
concurrent logins. (Achieved this with the help
of 'authenticate_ip_ttl' & 'max_user_ip' directives)
2. If that user closes his browser, he should be able to authenticate
from a new ip or system. (I only get a 'Access Denied'
message when attempting login from a new machine or ip which I guess
results from the 'authenticate_ip_ttl' directive)
Can somebody point what am doing wrong here. Advance thanks for your help.
My 'squid.conf' authentication related parameters are as given below,
auth_param basic program /usr/lib/squid/squid_ldap_auth -R -b
"dc=example,dc=com" -D "cn=Manager,dc=example,dc=com" -w
"ldapadminpass" -f "uid=%s" -h ldap.server
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
authenticate_ip_ttl 2 hours
acl ip_limit max_user_ip -s 1
acl ldapauth proxy_auth REQUIRED
http_access deny ip_limit
http_access allow ldapauth
http_access deny all
Received on Sat Sep 03 2011 - 12:18:03 MDT
This archive was generated by hypermail 2.2.0 : Sat Sep 03 2011 - 12:00:02 MDT