tis 2007-02-06 klockan 01:00 +0000 skrev John Line:
> Investigation showed that the problem was that the new Squid version was
> caching the temporary redirects (HTTP status 302) sent by origin servers
> to direct unauthenticated requests to our authentication server. When the
> authentication server subsequently redirected the (now authenticated)
> requests back to the originally-requested URLs, Squid served the
> corresponding cached redirects instead of passing the requests through to
> the origin servers.
Odd. Should not happen.
> It looked initially like it might be the problem described by Squid
> Bugzilla entry 1420 ("302 responses with an Expires header is always
> cached"), but I'm not sure about that - it may instead be a related (but
> distinct) problem. Hence asking about it here, rather than simply adding a
> note to the bugzilla item to suggest it's more serious than an
> "enhancement request" (which is how it is currently classified).
Hmm.. check the clocks on the two servers (the proxy and the
authentication server). I can imagine that if the clock on the
authentication server is running ahead of the proxy then unexpected
things may happen in combination with that bug..
Please add access.log details with log_mime_hdrs on to the bug report,
showing the problem..
When I saw the 302 problem it looked harmless, causing Squid to cache
the 302 but always ignore them on cache hits..
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Thu Mar 01 2007 - 12:00:01 MST