Le Mercredi 27 Janvier 2010 12:05:32, Deepak Rao a écrit : > Hi, > > I have a squid setup requirement in my project for which I could not > find an answer. Any pointers will be helpful... > > The setup is as follows: I have multiple reverse proxies serving web > pages to clients. A load balancer front-ends the reverse proxies. The > reverse proxies can be configured as siblings. > > The client requests contain HTTP Digest headers and needs to be > authenticated at my server side (using proxy_auth?) The requests from > a client can be served by any of the reverse proxies & no state is > maintained on the server. Stickiness is also not possible. > > The issue is: > When the first request (REQ1) comes from client 1, server responds > back with 401 Unauthorized (WWW-Authenticate) and sets a nonce value > (N1) [all this is handled by the reverse proxy itself] > > Now when the client 1 sends the request (REQ1) again with all the > digest headers (using nonce N1), this request is received by another > reverse proxy. For this reverse proxy, the nonce N1 is unknown and > hence it returns again 401 Unauthorized as response with stale=true > for the nonce N1! Thus the request is never getting served rightly > > How do I handle this scenario? Is there a way to make all reverse > proxies share the same nonce pool? > > Any other alternatives for my requirement is also welcome. > > Thanks, > Deepak
Easygoing, if you are using digest auth, use some persistency in your balances et voila! you are done. dont use RoundRobin,
