On 28/01/11 04:26, Jim Moseby wrote:
Some of my users are getting repeated auth challenges, even though I have "auth_param basic credentialsttl 8 hour" in squid.conf. What triggers the auth challenge, and how can I configure so my users will only be challenged once per 8 hour workday?
Triggers when the browser has no credentials stored to send to the proxy. Or if the credentials it sent were rejected by your ACLs.
The common cause of ACLs triggering popups after good auth has been in use is group access checks on the end of a deny line. Place "all" at the end of such lines to prevent existing credentials being re-challenged.
A less common cause if its just a few out of many users may be strange characters in their login or password. Or UTF binary coding being sent by their browser.
The only way to prevent popups for all day with Basic is to keep the browser open at all times. Otherwise normally they can expect one initial popup when they open a new browser.
Amos -- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.10 Beta testers wanted for 3.2.0.4