[squid-users] Re: Squid authentication ttl

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Wed, 29 May 2002 10:35:45 +0200

Wei Keong wrote:

> 1. authenticate_ttl
> - when authenicate_ttl has expired and Squid request for password again,
> seems that the browser will send the cached password instead of prompting
> the user. Is this true?

The browser sends the password on each and every request. The browser caches
the password in memory to avoid having to ask the user all the time.

The difference you noticed between the different browsers when you open new
windows etc is because the different browsers manage this cached password
differently.

The squid.conf ttl only applies to how long Squid will cache that the same
password is valid, avoiding needing to ask the helper all the time.

> 2. authenticate_ip_ttl & authenticate_ip_ttl_strict on
> - when authenticate_ip_ttl has expired, Squid will not bound authentication
> with specific IP (deny any request from any IP). Will Squid prompt for the
> current user for authentication?

Squid has no control over how long the browser will cache the user
credentials. authenticate_ip_ttl only controls what Squid will do if it sees
valid logins for the same user from more than one IP address.

Regards
Henrik
Received on Wed May 29 2002 - 02:35:57 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:15 MST