[squid-users] login expired
FredB
fredbmail at free.fr
Fri Feb 6 09:07:29 UTC 2015
> 2) Due to the above problem I configured an access control via
> htpasswd
> using basic_ncsa_auth.
> In this case, after the required credentials and the correct
> insertion squid
> gives me access to the internet.
> Now the question is: can I have the credentials expire after a
> certain time?
I don't known with recent version (3.4 or 3.5) but I guess you can't, there was a way in Wiki but it doesn't works good, so I made a little patch http://numsys.eu/divers/squid/auth.patch for basic auth, but I can't say if it works with the latest Squid ...
Eg: credentialsttl 30 minutes -> After 30 minutes the pop-up appears, very useful to protect your access, the "bad" and hidden requests are banned when the user is gone (in my case spywares and other plugins), also with high load it reduce the Squid works, because many users are disconnected.
With credentialsttl 10 hours, the users are connected the working day and when someone is missing, and his browser is open, his requests are denied (407)
Perhaps a proper way is to create a new option like authentificationttl related with CRED_BANNED (new value in my patch)
----
Regards,
Fred
http://numsys.eu
http://e2guardian.org
More information about the squid-users
mailing list