bionic (8) ext_session_acl.8.gz
NAME
ext_session_acl - Squid session tracking external acl helper.
Version 1.2
SYNOPSIS
ext_session_acl [-t timeout ] [-b database ] [-a]
DESCRIPTION
ext_session_acl maintains a concept of sessions by monitoring requests and timing out sessions. The
timeout is based either on idle use ( -t ) or a fixed period of time ( -T ). The former is suitable for
displaying terms and conditions to a user; the latter is suitable for the display of advertisements or
other notices (both as a splash page - see config examples in the wiki online). The session helper can
also be used to force users to re-authenticate if the %LOGIN and -a are both used.
OPTIONS
-t timeout Idle timeout for any session. The default if not specified (set to 3600 seconds).
-T timeout Fixed timeout for any session. This will end the session after the timeout regardless of a
user's activity. If used with active mode, this will terminate the user's session after
timeout , after which another LOGIN will be required. LOGOUT will reset the session and
timeout.
-b path Path to persistent database. If a file is specified then that single file is used as the
database. If a path is specified, a Berkeley DB database environment is created within the
directory. The advantage of the latter is better database support between multiple instances
of the session helper. Using multiple instances of the session helper with a single database
file will cause synchronization problems between processes. If this option is not specified
the session details will be kept in memory only and all sessions will reset each time Squid
restarts its helpers (Squid restart or rotation of logs).
-a Active mode. In this mode sessions are started by evaluating an acl with the argument LOGIN ,
or terminated by the argument LOGOUT . Without this flag the helper automatically starts the
session after the first request.
CONFIGURATION
The ext_session_acl helper is a concurrent helper; therefore, the concurrency= option must be specified
in the configuration.
Passive session configuration example using the default automatic mode
external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN
/usr/local/squid/libexec/ext_session_acl
acl session external session
http_access deny !session
deny_info http://your.server.example.com/bannerpage?url=%s session
Then set up http://your.server.example.com/bannerpage to display a session startup page and then redirect
the user back to the requested URL given in the url query parameter.
AUTHOR
This program and documentation was written by Henrik Nordstrom <henrik@henriknordstrom.net> Andrew Beverley <andy@andybev.com>
COPYRIGHT
* Copyright (C) 1996-2017 The Squid Software Foundation and contributors
*
* Squid software is distributed under GPLv2+ license and includes
* contributions from numerous individuals and organizations.
* Please see the COPYING and CONTRIBUTORS files for details.
This program and documentation is copyright to the authors named above.
Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
QUESTIONS
Questions on the usage of this program can be sent to the Squid Users mailing list <squid-users@squid-
cache.org>
REPORTING BUGS
Bug reports need to be made in English. See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report. Report bugs or bug fixes using http://bugs.squid-cache.org/ Report serious security bugs to Squid Bugs <squid-bugs@squid-cache.org> Report ideas for new improvements to the Squid Developers mailing list <squid-dev@squid-cache.org>
SEE ALSO
squid(8), GPL(7), The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq The Squid Configuration Manual http://www.squid-cache.org/Doc/config/ 9 October 2011 ext_session_acl(8)