HI, >From what I understand... You have a login procedure for your browser. But there is no logout So there is no way for squid to invalidate the session. Kind regards/met vriendelijke groet, Serge Fonville http://www.sergefonville.nl Convince Google!! They need to add GAL support on Android (star to agree) http://code.google.com/p/android/issues/detail?id=4602 2011/9/3 rex_ray . <rex_ray@xxxxxxxx>: > I have the following doubt(or requirement) regarding Squid Proxy > Authentication. > > 1. User should be able to browse from a single ip only i.e no > concurrent logins. (Achieved this with the help > of 'authenticate_ip_ttl' & 'max_user_ip' directives) > > 2. If that user closes his browser, he should be able to authenticate > from a new ip or system. (I only get a 'Access Denied' > message when attempting login from a new machine or ip which I guess > results from the 'authenticate_ip_ttl' directive) > > Can somebody point what am doing wrong here. Advance thanks for your help. > > My 'squid.conf' authentication related parameters are as given below, > > auth_param basic program /usr/lib/squid/squid_ldap_auth -R -b > "dc=example,dc=com" -D "cn=Manager,dc=example,dc=com" -w > "ldapadminpass" -f "uid=%s" -h ldap.server > auth_param basic children 5 > auth_param basic realm Squid proxy-caching web server > auth_param basic credentialsttl 2 hours > authenticate_ip_ttl 2 hours > acl ip_limit max_user_ip -s 1 > acl ldapauth proxy_auth REQUIRED > http_access deny ip_limit > http_access allow ldapauth > http_access deny all >
