Sorry... The list was no longer in the thread 2011/9/3 Serge Fonville <serge.fonville@xxxxxxxxx>: > Hi, > > HTTP does not support any logout feature. > > 'Normally' sessions expire. > Which is where the authenticate_ip_ttl is for. > > The only alternatives I can think of is build some wrapping utility > arround your browser (on all clients) or use SSO so when a session > invalidates it automatically revalidates. > With the latter you can set your TTL a lot lower. > > But it will require some additional testing to check if this does not > decrease the browsing experience. > > For a better answer, please add information as to your actual goal > (the bigger picture) and what 'problem' are you trying to solve that > requires only one session per user. > > HTH > > Kind regards/met vriendelijke groet, > Serge Fonville > http://www.sergefonville.nl > > Convince Google!! > They need to add GAL support on Android (star to agree) > http://code.google.com/p/android/issues/detail?id=4602 > > > > 2011/9/3 rex_ray . <rex_ray@xxxxxxxx>: >> Hi, >> Thanks for your help. But am newbie when it comes to Squid. >> So could you please enlighten me on the following, >> >>> But there is no logout >>> So there is no way for squid to invalidate the session. >> >> Is it possible to have a logout procedure in Squid? >> >> >> On Sat, Sep 3, 2011 at 5:54 PM, Serge Fonville <serge.fonville@xxxxxxxxx> wrote: >>> HI, >>> From what I understand... >>> You have a login procedure for your browser. >>> But there is no logout >>> So there is no way for squid to invalidate the session. >>> Kind regards/met vriendelijke groet, >>> Serge Fonville >>> http://www.sergefonville.nl >>> >>> Convince Google!! >>> They need to add GAL support on Android (star to agree) >>> http://code.google.com/p/android/issues/detail?id=4602 >>> >>> >>> 2011/9/3 rex_ray . <rex_ray@xxxxxxxx> >>>> >>>> I have the following doubt(or requirement) regarding Squid Proxy >>>> Authentication. >>>> >>>> 1. User should be able to browse from a single ip only i.e no >>>> concurrent logins. (Achieved this with the help >>>> of 'authenticate_ip_ttl' & 'max_user_ip' directives) >>>> >>>> 2. If that user closes his browser, he should be able to authenticate >>>> from a new ip or system. (I only get a 'Access Denied' >>>> message when attempting login from a new machine or ip which I guess >>>> results from the 'authenticate_ip_ttl' directive) >>>> >>>> Can somebody point what am doing wrong here. Advance thanks for your >>>> help. >>>> >>>> My 'squid.conf' authentication related parameters are as given below, >>>> >>>> auth_param basic program /usr/lib/squid/squid_ldap_auth -R -b >>>> "dc=example,dc=com" -D "cn=Manager,dc=example,dc=com" -w >>>> "ldapadminpass" -f "uid=%s" -h ldap.server >>>> auth_param basic children 5 >>>> auth_param basic realm Squid proxy-caching web server >>>> auth_param basic credentialsttl 2 hours >>>> authenticate_ip_ttl 2 hours >>>> acl ip_limit max_user_ip -s 1 >>>> acl ldapauth proxy_auth REQUIRED >>>> http_access deny ip_limit >>>> http_access allow ldapauth >>>> http_access deny all >>> >>> >> >
