On Mon, 15 Dec 2003, Esteban wrote: > But if I remove access to the user in my radius server, auth.pl returns > ERR but the access is still granted by the Squid.
More likely a previous OK is remembered by Squid for a while. See the auth_param basic ttl parameter. Due to the stateless nature of HTTP authentication where there is no login/logout but instead the login information is sent in each and every request Squid does not always asks the authentication helper if the login is still valid, instead it remembers if a previous login with the same login+password was OK and accepts new requests with the same login+password if it was not too long ago this login+password was verified with the authentication backend. Regards Henrik
