Search squid archive

RE: Disable user accounts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I created my own authentication module, and tried setting nonce_max_duration
to "1 minutes" (I also tried "1 minute", and "2 minutes" to make sure there
wasn't something funky with the word minutes). My authentication module logs
every time it is called. 

But when I sit there and hit refresh on the browser every ~15 seconds, I
don't get any re-authentication calls being made to the auth module (only
the initial authentication). I've kept this test up for over 5 min with no
re-authentication attempts to the auth module.

Did I mis-understand something possibly? Or is nonce_max_duration not
actually causing re-authentication to the auth_module (perhaps it just
sticks within the cached authentication in squid?)

So far the only two ways to lock out users that I understand are the
nonce_max_duration (if I can make it work as I currently understand it
should), and banned user list ACLs w/ "-k reload" calls. If anyone thinks
I'm missing anything else let me know.

Thanks,
Dave



Quote from a previous email:
========================
>   nonce_max_duration determines how long the nonces may be used for. 
> It's closer to what you are wanting, but I'm not sure of there are any
nasty side effects of setting it too low.






[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux