[squid-users] Unable to display splash page on inactive timeout
Amos Jeffries
squid3 at treenet.co.nz
Thu Oct 16 05:48:12 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 16/10/2014 6:03 p.m., santosh wrote:
> Hello Amos,
>
> Thanks for your reply , is there a way to prompt for
> reauthentication if an browsing session is inactive by setting the
> TTL value ? .
You are getting yourself into trouble by confusing the concept of
authentication and concept of browsing session.
Authentication is at its core a yes/no binary value about whether the
client is who they say they are.
eg. are you actually "santosh"? yes/no.
What you are asking is only doable by changing the users credentials,
so the browser cannot use the old ones any more AND in such a way that
the browser cannot automatically find out what the new ones are.
eg. offering users one-time logins which get erased or marked invalid
in the authentication backend system. With the 407 page delivered
containing instructions to get a new one-time password. So if they
press cancel on the browser popup they can follow that process, then
login again.
Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUP1wcAAoJELJo5wb/XPRjaq8IAJDcVPti4fyMPAMadDf0lE/W
bvj4OCjk/pvCAaa4l3kiHQWyJVWVVIGotKutcByPRIIDgi0inwpwa7bzkLQdhxPA
d2j4MWdYTnTP8xKwMXXdEs5b58liwQlGJm+wzg7Ecdmntgviqbrv4hh4qV8fEIEf
dUzB0F5O8x6SL0eTistdtNq4SDXOKrGfQ7YqaQfCiFcHV6AAU15k0cYqxcH8W0Xl
S9Sm/HzEZS5LZt+tJy2aE0Uu5KKElJS/0zpN2s9G4mNR+ThIBUq0lUFFRWXg92by
HZrdSLfBauPUFvOSR/P/Cs/XWzFuh05qqyw/QzjSvBAO2ghq0pMG6rkCTvbQvMw=
=buJ1
-----END PGP SIGNATURE-----
More information about the squid-users
mailing list