On 25/07/20 2:48 am, Klaus Brandl wrote: > sorry, i did not found this script, and the binary is not available on our > product, because i'm no developer... > Darn. Okay that hinders testing a bit. > But i think, we have a caching problem here, i found out, that the group > informations are only updated on a squid reconfigure. > > And also the acl note group ... seems to be cached as long as squid is > restarted completely. I removed the configured group from the user, but i could > see this group still maching in the cache.log, also after a reconfigure, when > the auth_helper does not tell about this group any more. > The groups are attached to credentials which are attached to the TCP connection (TTL only as long as the connection is open) and a token replay cache for up to authenticate_ttl directive time (default 1 hour). Setting that TTL to something very short, eg: authenticate_ttl 10 seconds ... and disabling connection keep-alive: client_persistent_connections off ... should work around the cache for testing. At least on HTTP traffic. HTTPS traffic goes through the proxy as a single tunnel request - so the entire HTTPS session is just one request/response pair to Squid. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
