Re: [squid-users] digest authentication: request interval

From: <[email protected]>
Date: Thu, 1 Feb 2007 19:52:57 +0100 (GMT+01:00)

>> which is the control parameter for setting the auth
>> request
interval?
>
>Authentication in HTTP is per request. Your login details
is cached by
>the browser to avoid having to ask you on each request,
and Squid has no
>control over how long your browser keeps the login
details cached.
..
>Then something is broken. Quite likely the client..
(as there is no
>known clients doing Digest 100% correct).
>
>Which
Squid version?

Version: 2.5.9-10sarge2

>Which browser(s)?

Firefox
1.5 (linux) and IE 6.0

>What's your "auth_param digest" settings?

auth_param digest program /usr/lib/squid/digest_pw_auth
/etc/squid/digpass
auth_param digest children 10
auth_param digest
realm wireless
auth_param digest nonce_garbage_interval 30 minutes
auth_param digest nonce_max_duration 50 minutes
auth_param digest
check_nonce_count on
auth_param digest nonce_strictness off

authenticate_cache_garbage_interval 1 hour
authenticate_ttl 1 hour

I've modified the two parameters above, and now the auth request
interval is more longer, but i'dont understand why. I thought that the
function of authenticate_ttl was:
the time that squid keep the user &
their credentials in cache since their last request. All user
credentials that have passed their TTL are removed from memory and at
the next http request squid looks in password file for user
credentials. If find it, squid doesn't show auth form.
Where are the
troubles?

Thanks, Luca.
 
Received on Thu Feb 01 2007 - 11:53:14 MST

This archive was generated by hypermail pre-2.1.9 : Thu Mar 01 2007 - 12:00:01 MST