I'm setting up a squid proxy with LDAP user/group authentication, and so far have been able to sort out the problems I've run into with a little help from google and caches of the various squid mailing lists. Currently, it's in a mostly working state for nearly everything (i.e. user authentication, allowed/blocked based on what group a user belongs to, client pc auto-updates, etc.). However, I can't figure out how to force a user to re-authenticate after a set interval of time (say 30 mintues). Essentially, the idea is that the "less-privileged" users (i.e. the students) can get to the sites that they need for their day-to-day school work, but that their permissions should be able to be elevated for a set amount of time in the event the teacher deems it OK. Right or wrong, the administration doesn't want to go with one of the "big boys" in web filters, so I need to kick the users and force a re- auth, as this is for a school environment. It's small (only 10-15 students at one time), but the students have already figured their way around the previous filter that was installed before my time. I know closing the browser clears out all the authentication tokens ... but hoping there's a way I can do this from the backend so there's no need to play those "okay, now close all your browsers" type games if a student gets the elevated permissions. Leads have pointed me to - auth_param basic credentials_ttl <N> minutes - authenticate_ttl <N> minutes - authenticate_cache_garbage_interval <N> minutes Though I don't seem to be able to grasp the concept of getting them to do what I want (if it's possible) Thanks! _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
