Leonardo Rodrigues Magalhães wrote:
squid has all the caching mechanisms too.
check your TTL parameters on your squid authentication mechanism.
For example:
auth_param basic credentialsttl 300 seconds
or
external_acl_type ldap_group ttl=300 %LOGIN
Those parameters can make squid 'thinks' a password is OK when it
was changed, as well as believe a user is member of a group when it's
not anymore.
That is true, but if you call the NTLM auth helper on the command line
this does not come into the line; the an actual query is performed and
the answer comes directly from the ADC. And even then I observed large
delays.
JC
