Re: [squid-users] Help needed with Squid 3.0-STABLE12 reverse proxy messages in cache.log from Tom Williams on 2009-01-23 (squid-users)

From: Tom Williams <tomdkat_at_comcast.net>
Date: Fri, 23 Jan 2009 09:12:36 -0800

Amos Jeffries wrote:
> Tom Williams wrote:
>> I've got Squid 3.0-STABLE12 configured as a reverse proxy on RedHat
>> Enterprise Linux 5.
>>
>> We have pages for logged-in users we DO NOT want cached and pages for
>> anonymous users (not logged into the site) that we do want cached.
>>
>> We found this article which describes how to this:
>>
>> http://www.howtoforge.com/how-to-set-up-a-caching-reverse-proxy-with-squid-2.6-on-debian-etch-p2
>>
>>
>> Section 5 entitled "Different Content For Different Users" describes
>> what we want to do.
>>
>> Per that article, I've added these lines to my squid config file:
>>
>> acl set_logged_in_user_cookie rep_header Set-Cookie LOGGED_IN=Y
>> cache deny set_logged_in_user_cookie
>> acl clear_logged_in_user_cookie rep_header Cookie LOGGED_IN=Y
>> cache deny clear_logged_in_user_cookie
>> acl logged_in_user_cookie req_header Cookie LOGGED_IN=Y
>> cache deny logged_in_user_cookie
>>
>> During testing, I see a bunch of messages like this in my cache.log
>> file:
>>
>> 2009/01/22 23:52:35| ACL::checklistMatches WARNING:
>> 'set_logged_in_user_cookie' ACL is used but there is no HTTP reply --
>> not matching.
>> 2009/01/22 23:52:35| ACL::checklistMatches WARNING:
>> 'clear_logged_in_user_cookie' ACL is used but there is no HTTP reply
>> -- not matching.
>>
>> What do these warning messages mean? Does this mean Squid didn't see
>> a HTTP header with "Set-Cookie LOGGED_IN=Y"?
>>
>> Peace...
>>
>> Tom
>>
>
> Squid checks to see whether something is allowed to be cached at the
> time it is requested. Not when the reply is already coming back.
> Seems daft yes, but thats the way its currently done.
>
> Which means until someone gets time or money to clean that up, you can
> only use request or connection information in the cache ACLs.
>
> Amos
Ok. If I'm understanding your correctly, the above acls won't work
because they are looking for a HTTP header that won't exist?

Peace...

Tom
Received on Fri Jan 23 2009 - 17:12:48 MST

This archive was generated by hypermail 2.2.0 : Sat Jan 24 2009 - 12:00:02 MST