> On fre, 2008-05-23 at 20:43 -0400, Tuc at T-B-O-H.NET wrote:
>
> > Once someone is authorized to squid_radius_auth, how
> > long does their session go before it ends, "times out", asks
> > for reauth,etc?
>
> Between the browser and Squid the user authenticates on each request.
>
Yup, understood. Wasn't thinking this part, but thanks.
>
> Squid verifies the account with RADIUS every auth_param basic timetolive
> period.
>
Ok, appreciate it. Hopefully 2 quick followups.
1) If the auth_param basic timetolive is (for example) 120 minutes,
and 10 minutes after the client authenticates the ID is deleted, they'll
still get 110 minutes of browsing time, correct?
2) I did a quick look at the module, and while I'm far from a C
programmer, it doesn't appear that you look for anything from the response
except "Access-Accept" (PW_AUTHENTICATION_ACK). If this is true, has any thought
been given, if it isn't somewhere already and I missed it, to abiding by the
"Session-Timeout" parameter? Is it even possible given the rest of squid to
keep track of a "timetolive" per connection, or would another helper or a
custom helper need to be written to address this?
Thanks! Tuc
Received on Sat May 24 2008 - 02:03:09 MDT
This archive was generated by hypermail 2.2.0 : Tue Aug 05 2008 - 01:05:14 MDT