On Thu, 9 Jun 2005 moonunit@xxxxxxxxxxxx wrote:
Here's the squid.conf ...
external_acl_type negative_ttl=3 %SRC /usr/local/scripts/squid-
session
acl session external session
http_access deny !session
deny_info BANNER session
http_access allow all
You may want to use a smaller negative_ttl. One second, or perhaps even 0.
squid-session script is exactly as Henrik posted (thank you hno):
#!/usr/bin/perl
$|=1;
my %logged_in;
while(<>) {
if (!defined($logged_in{$_})) {
$logged_in{$_} = 1;
print "ERR\n";
} else {
print "OK\n";
}
}
Which this script you need to tell the external_acl_type to only run one
instance of the helper..
But what you really should do is to query some database or registry
keeping track of who has accepted the policy when, and update this from
the policy page when they accept the policy.
Regards
Henrik
