RE: [squid-users] External Authenticator help!

From: Prash <[email protected]>
Date: Sun, 11 Apr 2004 18:22:13 +0100

Ta, Henrik.

I have now completed my perl script and is working fine on squid. Now since
I've set a lifetime (say 30 min) for each user, I want squid to invoke my
script and check the HA1 value every 5 min (say) regardless of whether user
was browsing or not. Is this possible or do I have to do something in my
script itself?

I was thinking of changing these params.

[
auth_param digest nonce_garbage_interval 5 minutes
auth_param digest nonce_max_duration 5 minutes
auth_param digest nonce_max_count 50
] * I don't think these params will do anything for me??

[
authenticate_cache_garbage_interval 10 minutes
authenticate_ttl 1 minute
] * authenticate_ttl expiry should invoke my script provided the user is not
hammering the internet and not expiring 1 min. Probably I should change it
to seconds.

Am I correct, Henrik? Or is there any other param I can fine tune?

Also, does squid support fancy error pages? I want fancy html style sheets
etc to hook into existing error pages in /etc/squid/errors.

Sorry this post is long. I'm designing a cyber kiosk.

Thanks,
Prash

-----Original Message-----
From: Henrik Nordstrom [mailto:hno@squid-cache.org]
Sent: 11 April 2004 11:45
To: Prash
Cc: Henrik Nordstrom; squid-users@squid-cache.org
Subject: RE: [squid-users] External Authenticator help!

On Sun, 11 Apr 2004, Prash wrote:

> One last question tho.
>
> Is it ok for the external digest authenticator to return "ERR" or should
it
> always return HA1. If I have to return HA1, then I guess I should make up
> some dummy HA1 if I want my auth to fail.

ERR is correct if the username does not exists or otherwise does not have
a H(A1) password hash.

Will clarify this detail in the documentation for the next release.

Regards
Henrik
Received on Sun Apr 11 2004 - 11:20:47 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:02 MDT