Hello,
I've found something concerning this topic in the FAQ and now just want
to make sure I've understood this correctly...
I want to use squid in front of a CMS. The CMS manages "login
information" via cookies, so whenever a user has logged in to the CMS
all HTTP requests contain a header field "Cookie: login=foobar" (of
course encyrpted in some way). Anonymous users don't send such a
cookie...
Whenever a logged in user visits a document she gets a lot of additional
buttons and links to edit this document. Anonymous users use the same
URL to view the document, but of course will not see the edit-features.
Because the CMS is not the fastest one, I want to cache all responses
for a certain amount of time (even for the logged in users, because they
in fact very seldom modify content). The problem has been to ensure,
that anonymous users will not see the pages with the "edit-features",
and that logged in users will always see their edit-features (there are
even different edit-features per user).
I've solved it by setting the "Expires: " header to some minutes in the
future and the header "Vary: Cookie" in all responses that should be
cacheable.
As I have understood the "Vary" mechanism, a cache first looks at the
URL of an object. Whenever it finds an entry in its cache, it looks,
whether all request-headers (specified by the value of the original
"Vary" header) of the original request (that caused the object to be
stored in the cache) match the values of the corresponding request
headers of the current request. If they match, the cache may return the
cached version, if they don't, the cache has to fetch a fresh copy from
the origin server.
So in fact a cache uses the tuple
(URL, getRequestHeaders_specified_by_Vary-header_of_stored_objects)
to find a valid copy of the object in the cache.
Is this true? Will my cache work like expected?
Thanks and best regards
-Stefan-
Received on Mon Dec 05 2005 - 06:19:16 MST
This archive was generated by hypermail pre-2.1.9 : Sat Dec 31 2005 - 12:00:02 MST