Thanks for the explanation, it is clear now. So I need to set up an OS/Browser-side credential retention, like storing them in the browser or a single-sign-on system. 2013/6/8 Amos Jeffries <squid3@xxxxxxxxxxxxx>: > On 8/06/2013 3:32 a.m., egobrc@xxxxxxxxx wrote: >> >> Hi everybody, >> I have configured Squid (v. 3.1.19) to authenticate against a Samba >> (v. 3.6.3) domain, using smb_auth auth param basic program. Thanks to >> >> http://www.mail-archive.com/debian-bugs-dist@xxxxxxxxxxxxxxxx/msg638539.html >> I edited smb_auth.sh and now the authentication works smoothly, but >> now I have a doubt about how auth_param basic credentialsttl directive >> works. >> I set it to 8 hours, but each time an user closes the browser and >> re-opens it, the login popup appears; I have also tried >> authenticate_ttl directive, but the result is the same. Is it a >> work-as-intended? Credentials are cached until the browser is opened? >> Thank you in advance. > > > HTTP requires browser to deliver credentials on *every* request to Squid. > The Squid settings just control how often those credentials are passed to > the backend for verification, and how often Squid short-circuits the > authentication using earlier credentials. > > Browser popups are *entirely* a browser feature about where its getting > credentials in thforst place, nothig to do with Squid. A popup is usually a > sign that the browser is unable to locate *any* credentials that are usable. > > Amos
