On Sat, 2003-12-06 at 04:34, Anthony Boynes wrote:
> Specifically, what exactly do the following lines do?
Whats wrong with the squid.conf.detault doco? If you can explain what
you don't understand about it, I'll update it appropriately.
...:
"children" numberofchildren
The number of authenticator processes to spawn (no default).
If you start too few Squid will have to wait for them to
process a backlog of credential verifications, slowing it
down. When crendential verifications are done via a (slow)
network you are likely to need lots of authenticator
processes.
auth_param ntlm children 5
"max_challenge_reuses" number
The maximum number of times a challenge given by a ntlm
authentication helper can be reused. Increasing this number
increases your exposure to replay attacks on your network.
0 means use the challenge only once. (disable challenge
caching) See max_ntlm_challenge_lifetime for more information.
auth_param ntlm max_challenge_reuses 0
"max_challenge_lifetime" timespan
The maximum time period that a ntlm challenge is reused
over. The actual period will be the minimum of this time
AND the number of reused challenges.
auth_param ntlm max_challenge_lifetime 2 minutes
Rob
-- GPG key available at: <http://www.robertcollins.net/keys.txt>.
This archive was generated by hypermail pre-2.1.9 : Thu Jan 01 2004 - 12:00:06 MST