Re: [squid-users] Basic authentication and auth_param basic credentialsttl

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Sat, 08 Jun 2013 15:39:40 +1200

On 8/06/2013 3:32 a.m., egobrc_at_gmail.com wrote:
> Hi everybody,
> I have configured Squid (v. 3.1.19) to authenticate against a Samba
> (v. 3.6.3) domain, using smb_auth auth param basic program. Thanks to
> http://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg638539.html
> I edited smb_auth.sh and now the authentication works smoothly, but
> now I have a doubt about how auth_param basic credentialsttl directive
> works.
> I set it to 8 hours, but each time an user closes the browser and
> re-opens it, the login popup appears; I have also tried
> authenticate_ttl directive, but the result is the same. Is it a
> work-as-intended? Credentials are cached until the browser is opened?
> Thank you in advance.

HTTP requires browser to deliver credentials on *every* request to
Squid. The Squid settings just control how often those credentials are
passed to the backend for verification, and how often Squid
short-circuits the authentication using earlier credentials.

Browser popups are *entirely* a browser feature about where its getting
credentials in thforst place, nothig to do with Squid. A popup is
usually a sign that the browser is unable to locate *any* credentials
that are usable.

Amos
Received on Sat Jun 08 2013 - 03:39:49 MDT

This archive was generated by hypermail 2.2.0 : Sat Jun 08 2013 - 12:00:03 MDT