[squid-users] login expired

[Amos Jeffries]

On 6/02/2015 11:43 a.m., Ignazio Raia wrote:
> This post has NOT been accepted by the mailing list yet. 
> 
> Hello everyone, 
> I installed a Squid proxy server and it works perfectly. 
> I have two questions to ask about the authentication process. 
> 1) I configured the basic_db_auth, but the browser keeps asking login and
> password even though it is right. In this regard I run the script from the
> shell that responds correctly. The file basic_db_auth is in / usr / lib /
> squid3. I just changed the parameters related to my mysql db (db name, user,
> table name, etc.). 
> Can anyone help me and tell me where am I wrong? 

We need to see your squid.conf contents to answer that.

NP: if you are on one of those OS who insist on overwriting squid.conf
with the 270KB documentation file, please drop the comments.
  grep -v -E "^($|#)" squid.conf


At a guess it means the DB could not be connected to, or you forgot
about the --cond parameter default value.


> 
> 2) Due to the above problem I configured an access control via htpasswd
> using basic_ncsa_auth. 
> In this case, after the required credentials and the correct insertion squid
> gives me access to the internet. 
> Now the question is: can I have the credentials expire after a certain time?
> I tried to set credentialttl = 300 seconds, but spent the time with no
> activity I do not receive a new login request. 
> The parameter credentialttl is designed for this purpose?

Yes.

If authentication is working properly you/user should only ever see one
login at start and never again.
The browser is constantly delivering updated/current credentials and
Squid re-verifying those credentials via the helper whenever the TTL
expires or they actually change. But none of that complexity is relevant
to the user - they have not changed.

Amos