Search squid archive

Re: Help needed with Squid 3.0-STABLE12 reverse proxy messages in cache.log

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Chris Robertson wrote:
Tom Williams wrote:
Amos Jeffries wrote:
Tom Williams wrote:
I've got Squid 3.0-STABLE12 configured as a reverse proxy on RedHat Enterprise Linux 5.

We have pages for logged-in users we DO NOT want cached and pages for anonymous users (not logged into the site) that we do want cached.

We found this article which describes how to this:

http://www.howtoforge.com/how-to-set-up-a-caching-reverse-proxy-with-squid-2.6-on-debian-etch-p2

Section 5 entitled "Different Content For Different Users" describes what we want to do.

Per that article, I've added these lines to my squid config file:

acl set_logged_in_user_cookie rep_header Set-Cookie LOGGED_IN=Y
cache deny set_logged_in_user_cookie
acl clear_logged_in_user_cookie rep_header Cookie LOGGED_IN=Y
cache deny clear_logged_in_user_cookie
acl logged_in_user_cookie     req_header Cookie LOGGED_IN=Y
cache deny logged_in_user_cookie

During testing, I see a bunch of messages like this in my cache.log file:

2009/01/22 23:52:35| ACL::checklistMatches WARNING: 'set_logged_in_user_cookie' ACL is used but there is no HTTP reply -- not matching. 2009/01/22 23:52:35| ACL::checklistMatches WARNING: 'clear_logged_in_user_cookie' ACL is used but there is no HTTP reply -- not matching.

What do these warning messages mean? Does this mean Squid didn't see a HTTP header with "Set-Cookie LOGGED_IN=Y"?

Peace...

Tom


Squid checks to see whether something is allowed to be cached at the time it is requested. Not when the reply is already coming back.
Seems daft yes, but thats the way its currently done.

Which means until someone gets time or money to clean that up, you can only use request or connection information in the cache ACLs.

Amos
Ok. If I'm understanding your correctly, the above acls won't work because they are looking for a HTTP header that won't exist?

Close. You are using rep_header, when you need to use req_header. Also any match for "cache deny" will remove the data from the cache. You might be better off seeing if you can add something to the URL of logged in users (a GET query term, or an added directory that gets mapped out on the back end) so you can use refresh_patterns. Even better, of course is using Cache-Control headers so other web caches know what data to cache, and what not to...

Thanks for the info! I believe the "LOGGED_IN=Y" is what we're trying to key off of but your mentioning adding something to the URL raises another issue we're having and that I'll save for another thread. :)

I'll look into refresh_patterns as well.

What do "rep_header" and "req_header" actually do? The squid.conf file just says they do regular expression matching and that's about it.

We're also working out Cache-Control headers.  :)

Thanks!

Peace...

Tom

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux