]> git.ipfire.org Git - thirdparty/squid.git/blame - src/acl/external/session/ext_session_acl.8
projects / thirdparty / squid.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
SourceFormat Enforcement
[thirdparty/squid.git] / src / acl / external / session / ext_session_acl.8
CommitLineData
9e8f57e0 1.if !'po4a'hide' .TH ext_session_acl 8 "9 October 2011"
b0c8f295 2.
3.SH NAME
d632afde 4ext_session_acl \- Squid session tracking external acl helper.
83915266 5.PP
9e8f57e0 6Version 1.2
b0c8f295 7.
8.SH SYNOPSIS
c152a447 9.if !'po4a'hide' .B ext_session_acl
83915266
AJ		 10.if !'po4a'hide' .B "[\-t"
11timeout
12.if !'po4a'hide' .B "] [\-b"
13database
14.if !'po4a'hide' .B "] [\-a]"
b0c8f295 15.
16.SH DESCRIPTION
c152a447 17.B ext_session_acl
83915266 18maintains a concept of sessions by monitoring requests
2be46d67
AB		 19and timing out sessions. The timeout is based either on idle use (
20.B \-t
21) or a fixed period of time (
22.B \-T
23). The former is suitable for displaying terms and conditions to a user; the
24latter is suitable for the display of advertisments or other notices (both as a
25splash page \- see config examples in the wiki online). The session helper can also be used
26to force users to re\-authenticate if the
27.B %LOGIN
28and
29.B \-a
30are both used.
b0c8f295 31.
83915266
AJ		 32.SH OPTIONS
33.if !'po4a'hide' .TP 12
34.if !'po4a'hide' .B "\-t timeout"
2be46d67
AB		 35Idle timeout for any session. The default if not specified (set to 3600 seconds).
36.
37.if !'po4a'hide' .TP
38.if !'po4a'hide' .B "\-T timeout"
39Fixed timeout for any session. This will end the session after the timeout regardless
40of a user's activity. If used with
41.B active
42mode, this will terminate the user's session after
43.B timeout
44, after which another
45.B LOGIN
46will be required.
47.B LOGOUT
48will reset the session and timeout.
b0c8f295 49.
83915266
AJ		 50.if !'po4a'hide' .TP
51.if !'po4a'hide' .B "\-b path"
52.B Path
9e8f57e0
AB		 53to persistent database. If a file is specified then that single file is
54used as the database. If a path is specified, a Berkeley DB database
55environment is created within the directory. The advantage of the latter
56is better database support between multiple instances of the session
57helper. Using multiple instances of the session helper with a single
58database file will cause synchronisation problems between processes.
59If this option is not specified the session details will be kept in
60memory only and all sessions will reset each time Squid restarts its
61helpers (Squid restart or rotation of logs).
b0c8f295 62.
83915266
AJ		 63.if !'po4a'hide' .TP
64.if !'po4a'hide' .B \-a
b0c8f295 65Active mode. In this mode sessions are started by evaluating an
92a0c1e0
AJ		 66acl with the argument
67.B LOGIN
68, or terminated by the argument
935c292a 69.B LOGOUT \.
b0c8f295 70Without this flag the helper automatically starts the session after
71the first request.
83915266
AJ		 72.SH CONFIGURATION
73.PP
2be46d67
AB		 74The
75.B ext_session_acl
76helper is a concurrent helper; therefore, the concurrency= option
77.B must
78be specified in the configuration.
79.PP
935c292a 80Passive session configuration example using the default automatic mode
83915266 81.if !'po4a'hide' .RS
06fcded4
AJ		 82.if !'po4a'hide' .B external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/local/squid/libexec/ext_session_acl
83.if !'po4a'hide' .br
84.if !'po4a'hide' .B acl session external session
85.if !'po4a'hide' .br
86.if !'po4a'hide' .B http_access deny !session
87.if !'po4a'hide' .br
88.if !'po4a'hide' .B deny_info http://your.server.example.com/bannerpage?url=%s session
83915266
AJ		 89.if !'po4a'hide' .RE
90.PP
06fcded4
AJ		 91Then set up
92.B http://your.server.example.com/bannerpage
93to display a session startup page and then redirect the user back to the requested URL given in the url query parameter.
83915266 94.
b0c8f295 95.SH AUTHOR
8c2b74bc
AJ		 96This program and documentation was written by
97.if !'po4a'hide' .I Henrik Nordstrom <henrik@henriknordstrom.net>
9e8f57e0 98.if !'po4a'hide' .I Andrew Beverley <andy@andybev.com>
b0c8f295 99.
83915266 100.SH COPYRIGHT
ca02e0ec 101.PP
4ac4a490 102 * Copyright (C) 1996-2017 The Squid Software Foundation and contributors
ca02e0ec
AJ		 103 *
104 * Squid software is distributed under GPLv2+ license and includes
105 * contributions from numerous individuals and organizations.
106 * Please see the COPYING and CONTRIBUTORS files for details.
107.PP
83915266
AJ		 108This program and documentation is copyright to the authors named above.
109.PP
c871f41e 110Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
83915266 111.
b0c8f295 112.SH QUESTIONS
8c2b74bc
AJ		 113Questions on the usage of this program can be sent to the
114.I Squid Users mailing list
115.if !'po4a'hide' <squid-users@squid-cache.org>
b0c8f295 116.
117.SH REPORTING BUGS
c871f41e
AJ		 118Bug reports need to be made in English.
119See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
120.PP
8c2b74bc 121Report bugs or bug fixes using http://bugs.squid-cache.org/
83915266 122.PP
8c2b74bc 123Report serious security bugs to
b0c8f295 124.I Squid Bugs <squid-bugs@squid-cache.org>
83915266 125.PP
8c2b74bc
AJ		 126Report ideas for new improvements to the
127.I Squid Developers mailing list
128.if !'po4a'hide' <squid-dev@squid-cache.org>
b0c8f295 129.
83915266 130.SH SEE ALSO
6d5cbee6
AJ		 131.if !'po4a'hide' .BR squid "(8), "
132.if !'po4a'hide' .BR GPL "(7), "
133.br
134The Squid FAQ wiki
135.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
136.br
137The Squid Configuration Manual
138.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
Mirror of https://github.com/squid-cache/squid.git