On 23/11/2013 10:33 p.m., FredB wrote: > Hello, > > Do you think I should do a patch for 3.3 ? It should be useful ? > I'm thinking about a new option like > > auth_param basic credentialslogout 2 hours > 3.3 is already a stable release, meaning brand new options/features are no longer accepted. The only exception ther eis if some major security hole is fixed by adding one or backports of existing squid-2 features. Neither of which seems to applicable here. FWIW "logout" is not a concept relevant to Squid. Which is perfroming the simple test of wether the credentials presented on a request are valid at that particular point of time. THe use of a credentials cache complicates this somewhat, but logout is equivalent to TTL in a cache. When the TTL expires the backend gets re-checked for validity at which time it may decode to start rejecting them. Which is what some people call "logged out". I have made some efforts in the 3.4+ series now that key=value parameters to work towards the helpers providing a more dynamic ttl=N parameter and have the cache entry use that instead of the fixed config value. If you want to pick that up and carry it forward it would be great. Amos
