We are investigating the use of squid as an accelerator in front of our
Authoring Web server (Hyperwave) to speed up the response time. Much of
the content is created dynamically by the web server each time, however
the vast majority of the documents are modified by the authors only
occasionally.
The biggest stumbling block is the method used by our server to make the
connections persistent. All of the login information is held in cookies,
the URL's themselves stay the same.
For example: The following URL spider:86/mydir/mypage gets displayed
differently depending on the language selected and whether the user is
logged on or not.
My Problem at the moment is that I would like to cache the documents for
the anonymous logins (i.e. read only access), but not those of the users
logged on (Authorization: header present). It is however only possible
to detect the different accesses based on the document content (Cookies
and Authorization) and not on the basis of the URL. Currently we have to
hit Shift Reload to flush the cache after logging on and then visiting
pages already in the cache.
* Has anyone experience with this kind of problem?
* According to the FAQ: Section 12.23 Responses for requests with an
Authorization header are cach(e)able ONLY if the response includes
Cache-Control: Public - which in our case it does not.
Should squid not simply ignore the documents in the cache if the browser
sends the Authorization: header? Why therefore do we get the wrong
documents?
* Our server sends a lot of 302 Moved Temporarily responses - what
exactly are these?
According to the FAQ: Section 12.19 How does Squid deal with Cookies?
With Squid-2, however, we can filter out specific HTTP headers. But
instead of filtering them on the recieving-side, we filter them on the
sending-side. Thus, squid-2 does cache replies with Set-Cookies headers,
but filters out the Set-Cookie header itself for cache hits.
* Sorry for being a bit dense but could someone explain this in a few
more words - I get mixed up between the send/recieve/filter/hit/....
One possibility that we are also investigating is to set up the server
to accept being talked to as http://author_server/ and
http://readonly_server/ with only the read-only server being cached.
After a login the user would change to the author server. Is likely to
meet some resistance with our client and the user base though.
The other possibility would be to pass all of the input through a pipe
which sends the request either to the cache or directly to the web
server based on the Cookies.
* Are there any tools to do this available?
* We are not using SSL at the moment (anything which slows down the
server even more does not even get considered), will do however
sometime. Are the HTTP headers also encrypted (I presume yes)? Also the
Cookies? If so we can forget looking at the content!
We would be installing the latest stable SQUID if we can get something
to work.
Thanks in advance,
Simon Woods.
-- Siemens Business Services IBS D KS Mch P/Ca, Carl-Weri-Strasse 22, 81739 Muenchen, Germany Tel: +49 (0)89 636-54347 (Fax: -54303) Internet-Mail: mailto:Simon.Woods@mch.sni.deReceived on Wed Feb 02 2000 - 10:57:58 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:50:54 MST