Search squid archive

Re: Where to look for re-authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, May 08, 2006 at 07:41:02AM -0400, Michael W. Lucas wrote:
> I've inherited a Squid 2.5 box that uses Websense for filtering and
> squid_radius_auth against a Cisco ACS system for authentication.
> 
> This system asks for your username and password every fifteen minutes.
> 
> Trying to find where this is set is driving me nuts.  I understand
> that Squid does not provide this function

Not quite right. You can indeed enforce re-authentication. It's just
lousily documented. See:

http://workaround.org/moin/HowSquidAclsWork#head-d6e6569888d3fc8fd4e0dd2031e09744d2bd38e7
(Hmm, I should give it a shorter section name. :) )

Another frequent cause of such re-authentications is an erroneous backend.
The credentials are indeed cached in the browser from from time to time
Squid checks the backend whether the credentials are still valid. If the
backend denies that then Squid will ask the user again for the credentials.
The time that Squid believes the credentials are still valid without
checking the backend are set in the "auth_param basic credentialsttl"
parameter.

Kindly
 Christoph


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux