Re: [squid-users] Kinder, gentler ignore-auth option

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Tue, 22 May 2007 00:23:00 +0200

mån 2007-05-21 klockan 17:39 -0400 skrev Benno Blumenthal:

> Because my client is not a browser, it is a service that analyzes data,
> and uses other services to access data, and I wrote the server/client to
> let squid do the caching, rather than reinventing the wheel. I am
> encouraging the data service in question to label their HTTP responses
> correctly (with Cache-Control: public and Vary: Authorization) headers,
> but not clear that they will pay any attention to me, a story you
> probably have heard before.

Ok. So requesting http://user:password@host/path without an
Authorization header and refresh_pattern ignore-auth will probably do
what you are looking for without the need for Vary magics..

This syntax is a Squid extension of the HTTP URI scheme but following
the general Internet URI syntax. Squid automatically translates the
user:password part into Basic HTTP authentication when forwarding the
request to a web server (but not when forwarding to another proxy).

This was implemented to allow url rewriter / redirector helpers to add
login details to rewritten requests, but works equally well when
received from the client.

As the login credentials is in the URL it automatically becomes part of
the cache key, avoiding the need for Vary.

Hmm.. most likely ignore-auth isn't needed either on such URIs as there
is no Authorization header.

Regards
Henrikm

Received on Mon May 21 2007 - 16:23:06 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Jun 01 2007 - 12:00:05 MDT