Welcome! Log In Create A New Profile

Re: proxy_cache when 'Authorization' HTTP header presents.

Forum List Message List New Topic Print View

Kuramoto Eiji

August 18, 2009 07:38AM

On Mon, 17 Aug 2009 18:14:34 +0400
Maxim Dounin wrote:

} > The proxy_cache module send cached contents until it's expired
} > even if a client send wrong user/password after passed first (401)
} > authentication. It might be a bug ... ?
}
} If authorization checked by nginx - request will never reach this
} stage. If it's checked by backend server - there is no reason for
} nginx to do anything with it.

It's checked by backend server.

my nginx.conf:

proxy_cache_path /usr/local/nginx/proxy_cache levels=1:2 keys_zone=one:10m;

proxy_cache_key "$host:$server_port$uri$is_args$args";

server {
listen 8080;
server_name frontend-hostname.example.com;

location / {
proxy_cache one;
error_page 401 404 502 504 = @fallback;
}

location @fallback {
proxy_cache one;
proxy_cache_valid 200 1m;
proxy_pass http://backend-hostname.example.com;
}

Request/Response:
1. client requests HTTP authorization required URI to nginx.
2. If it doesn't found in proxy_cached contents, nginx requests URI to
backend server.
3. backend server responses with 401 (Unauthorized) HTTP status code
to nginx.
4. nginx responses with 401 (Unauthorized) HTTP status code to client.
5. client send requests with the authorized User/Password on
'Authorization:' HTTP header.
6. nginx passes through that requests to backend server.
7. backend server responses authorized contents with 200 HTTP status
code without 'Cache-Control: no-cache or no-store' HTTP headers.
8. nginx's proxy_cache module caches the contents, so it respond with
200 HTTP status code.
9. nginx responses the contens to client with 200 HTTP status code.
10. change User or Password for HTTP authorization of URI on backend
server.
11. client requests same URI at step 1 with previously (same at step 5)
User/Password (at here, wrong/unauthorized User/Password) on
'Authorization:' HTTP header.
12. nginx responses previously (at step 8) cached contents without any
HTTP authorizations until proxy_cache expired ('proxy_cache_valid'
time for '200' HTTP status).

nginx should request to backend server with 'Authorization:' HTTP
header requested by client at step 12, I suppose..

} This effectively switches off cache for requests with
} authorization. The same may be done via configs.

How can I do via configs?

Thank you.

- Kuramoto Eiji

Reply Quote

RSS

Subject	Author	Posted
proxy_cache when 'Authorization' HTTP header presents.	Kuramoto Eiji	August 11, 2009 10:47PM
Re: proxy_cache when 'Authorization' HTTP header presents.	Maxim Dounin	August 17, 2009 10:14AM
Re: proxy_cache when 'Authorization' HTTP header presents.	Kuramoto Eiji	August 18, 2009 07:38AM
Re: proxy_cache when 'Authorization' HTTP header presents.	Maxim Dounin	August 18, 2009 08:25AM
Re: proxy_cache when 'Authorization' HTTP header presents.	Kuramoto Eiji	August 19, 2009 10:36PM
Re: proxy_cache when 'Authorization' HTTP header presents.	Igor Sysoev	August 18, 2009 10:13AM
Re: proxy_cache when 'Authorization' HTTP header presents.	Kuramoto Eiji	August 19, 2009 11:10PM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 203

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018