Search squid archive

Re: Force LDAP groups to de-authenticate?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On July 4, 2015 2:57:20 AM EDT, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
>On 4/07/2015 6:08 a.m., Dan Purgert wrote:
>> I'm setting up a squid proxy with LDAP user/group authentication, and
>so 
>> far have been able to sort out the problems I've run into with a
>little 
>> help from google and caches of the various squid mailing lists. 
>> 
>> Currently, it's in a mostly working state for nearly everything (i.e.
>
>> user authentication, allowed/blocked based on what group a user
>belongs 
>> to, client pc auto-updates, etc.).  However, I can't figure out how
>to 
>> force a user to re-authenticate after a set interval of time (say 30 
>> mintues).
>
>
>What exact use-case is this for?
> students logged in only for a class period?
> access differences between class and break times?
> something else?
>
>As Dan mentioned HTTP authentication alone will not do this. Since HTTP
>is stateless the browser is *already* re-authenticating on every single
>request. The user has no interaction. The auth TTLS are just to ensure
>Squid has accurate info about the credentials in its auth cache for the
>backend part.
>
>What you can do is use an external ACL helper to allow/reject based on
>any criteria you code/script it for.
>
>Amos
>
>_______________________________________________
>squid-users mailing list
>squid-users@xxxxxxxxxxxxxxxxxxxxx
>http://lists.squid-cache.org/listinfo/squid-users

Yes,  it's a "allow sites ABC for class time" and "allow xyz for break".

The acls work already for "class"  ... am looking for a way to give "on the fly" breaks.  If that's not possible,  I can work out something else (e.g. define a time based acl from say 2-3 pm or something).  I was just hoping to be able to be less heavy-handed than that. 
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux