On Mon, Apr 20, 2009 at 02:54:33PM +0100, Sam Crawford wrote: > The issue arises when we write our custom definitions of vcl_fetch. If we > find a static URL we'd do some like "remove req.http.cookie" and then > "lookup". However, if the content was not found in memory then it goes to > the backend. But by this point the incoming SSO cookie of the user has been > removed, so their request to the backend is denied. > > So, is there a way to lookup a query in the hashtable *without* cookies, but > then if the request has to go to the backend *keep* the cookies?
This is actually the default behavior. By default, only the url and hostname is part of the hash. However, the default vcl also explicitly passes any request with a cookie, which is why stripping the cookie is necessary. If you replicate the behavior you want from the default vcl in your own VCL, then end vcl_recv with lookup with a cookie, the object will be fetched using the cookie, then stored (as long as vcl_fetch allows it to be stored). Keep in mind, however, that any protection is lost, as cached data won't have their cookie confirmed. But I guess you're already aware of that. Hope this can point you in the right direction. -- Kristian Lyngstøl Redpill Linpro AS Tlf: +47 21544179 Mob: +47 99014497
pgpC7VABrMY9l.pgp
Description: PGP signature
_______________________________________________ varnish-misc mailing list varnish-misc@projects.linpro.no http://projects.linpro.no/mailman/listinfo/varnish-misc