Re: [squid-users] Re: squid + authentication

From: Henrik Nordstrom <[email protected]>
Date: 20 Nov 2002 21:04:17 +0100

ons 2002-11-20 klockan 20.04 skrev Ilya:

> So, browser caches username/password pair?

Yes.

> Then, how long does browser cache it?

For as long as the browser see it fit. Depends on the browser flavor
(and sometimes version).

Some cache the login+password until you fully exit the browser.

Some asks you again if you open a new window.

Some asks you again after some inactivity timeout.

> How long browser sends username/password pair to the proxy
> server? Or, just the same in another words, how long(how many
> times) does squid ask for that pair?

Squid asks for the login+password on each and every request if not
already supplied by the browser.

Most browsers allows the user to attempt entering their credentials
three times before giving up and showing the access denial message sent
by Squid.

Note: The above applies when using Basic or Digest authentication. When
using NTLM authentication the situation is slightly different as then
client TCP connections is authenticated, not individual requests..

Regards
Henrik
Received on Thu Nov 21 2002 - 09:19:21 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:20 MST