There is indeed a timeout setting for auth users, but it sounds to me that it hasn't expired, hence what appears to be users "bypassing" authentication is actually the normal behavior. Authentication is applied when a session is first created. The user will no longer need to authenticate so long as that session is still active OR the auth timeout has not expired.
You could always issue the "clear auth" and "clear session" commands at CLI to force the user to reauthenticate. Also, you may want to adjust your auth-server timeout for local users: set auth-server Local timeout 30 Cheers, Stefan Fouant On Tue, May 6, 2008 at 4:33 AM, M.Mihailidis <[EMAIL PROTECTED]> wrote: > Hello im trying to configure authentication for users. Im using auth user as > a method but I have a question > > Isn't there a timeout for a user like webauth to relogin to have access > again? There is a timeout in the auth server (local)but even when the > username /password is shown and im not giving the right usr/pass the user > still has access. > > > > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp