Hello Folks, Basic authentication. Same user must use different usernames from the same IP in quick succession for role determination purposes. I have this: authenticate_ttl 1 seconds authenticate_ip_ttl 1 seconds auth_param basic credentialsttl 1 seconds I read from Henrik's old posts that authenticate_cache_garbage_interval is not that important for user interaction. So I left that at default. I am also not limiting with max_user_ip acl so authenticate_ip_ttl has no relevance either as far as I can guess. This works fine, user can specify a new username and login with that. When I left these values at defaults, user would specify a new user/pass, but squid was still using his old user in its operations. The problem is: squid acceps the old password of the new username. For example, if I type user1/pass1, browse, close browser. Open, type user2/pass1, access is still granted. What is controlling this? When I was reading about on the issue, Robert seemed to have written a book about explanation of authenticate_ttl and credentialsttl. Thanks him for that. Of course, it all sounded greek to me. Can someone explain us the relation of these values on regular user interaction? Yes, browsers cache credentials and they must be sent to squid on each request. We know this part. Also, isnt keeping these values so low going to be an overkill on squid? I have some users that use static usernames. What settings would give best of both worlds? Thanks in advance for your time. Jenny _________________________________________________________________ The New Busy think 9 to 5 is a cute idea. Combine multiple calendars with Hotmail. http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
