The HTTP proxy caches successful authentications for an amount of time also. In the /secureos/etc/proxy/httpp.conf file there is this section:
# Authenticate ttl (time to live) in seconds.
# The time a checked username/password combination remains cached
# (default 3600). If a wrong password is given for a cached user,
# the user gets removed from the username/password cache forcing
# a revalidation.
The default is for the HTTP proxy to cache successful authentications for one hour. If you change this file you must restart httpp to re-read the file: cf daemond restart agent=httpp