[squid-users] authenticate_ip_ttl issues

From: Brett Randall <[email protected]>
Date: 08 Nov 2002 13:39:21 +1100

Hi all...

I am trying to get the authenticate_ip_ttl option to work but am
having issues. My goal is to have authentication working so that when
a user authenticates to the proxy server and is allowed to send
requests, they don't have to enter their username/password again for
another hour. Main reason being that they are getting annoyed with
having to input their details when they receive html e-mails with
images, etc...

My problem is that when they authenticate, squid doesn't appear to do
anything about remembering their IP address. As soon as they close
their browser/e-mail client and reopen, they are asked for their
details again.

Any help would be greatly appreciated... As many details as I can
think you will need to help are below. I normally forget something so
please let me know what else you need to know in order to help.

Details:

[root@proxy brett]# squid -v
Squid Cache: Version 2.5.STABLE1
configure options: i586-mandrake-linux-gnu --prefix=/usr
--exec-prefix=/usr --bindir=/usr/sbin --sbindir=/usr/sbin
--sysconfdir=/etc/squid --datadir=/usr/share --includedir=/usr/include
--libdir=/usr/lib --libexecdir=/usr/lib/squid --localstatedir=/var
--sharedstatedir=/usr/com --mandir=/usr/share/man
--infodir=/usr/share/info --enable-poll --enable-snmp
--enable-removal-policies=heap,lru --enable-useragent-log
--enable-carp --enable-async-io
--enable-storeio=aufs,coss,diskd,ufs,null --enable-htcp
--enable-delay-pools --enable-linux-netfilter --with-pthreads
--enable-ssl --enable-auth=basic,digest,ntlm
--enable-basic-auth-helpers=winbind,multi-domain-NTLM,getpwnam,YP,SMB,SASL,PAM,NCSA,MSNT,LDAP
--enable-ntlm-auth-helpers=SMB,fakeauth,no_check,winbind
--enable-digest-auth-helpers=password

squid.conf necessary pieces:

auth_param basic program /usr/lib/squid/wb_auth
auth_param basic children 5
auth_param basic realm Please enter your username and password to use the Internet
auth_param basic credentialsttl 2 hours
authenticate_ttl 1 hour
authenticate_ip_ttl 3600
acl maxuserip max_user_ip 3
acl password proxy_auth REQUIRED
http_access allow password
http_access deny all

-- 
My software never has bugs. It just develops random features.
Received on Thu Nov 07 2002 - 19:39:23 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:13 MST