On Mon, May 08, 2006 at 07:41:02AM -0400, Michael W. Lucas wrote: > I've inherited a Squid 2.5 box that uses Websense for filtering and > squid_radius_auth against a Cisco ACS system for authentication. > > This system asks for your username and password every fifteen minutes. > > Trying to find where this is set is driving me nuts. I understand > that Squid does not provide this function Not quite right. You can indeed enforce re-authentication. It's just lousily documented. See: http://workaround.org/moin/HowSquidAclsWork#head-d6e6569888d3fc8fd4e0dd2031e09744d2bd38e7 (Hmm, I should give it a shorter section name. :) ) Another frequent cause of such re-authentications is an erroneous backend. The credentials are indeed cached in the browser from from time to time Squid checks the backend whether the credentials are still valid. If the backend denies that then Squid will ask the user again for the credentials. The time that Squid believes the credentials are still valid without checking the backend are set in the "auth_param basic credentialsttl" parameter. Kindly Christoph
