Re: [squid-users] HTTP Headers

From: Henrik Nordstrom <[email protected]>
Date: Thu, 6 Mar 2003 08:54:56 +0100

On Thursday 06 March 2003 00.24, Craig Kelley wrote:

> Just for the archives; I solved the problem by using this on the
> source HTTPD server:
>
> <Directory dir/to/cache/goes/here>
> Options FollowSymLinks
> AllowOverride None
> Header set Cache-control public
> AuthType Basic
> AuthName ByPassword
> AuthUserFile /path/to/htpasswd/file/goes/here
> <Limit GET PUT POST DELETE>
> Require valid-user
> </Limit>
> </Directory>
>
> Many thanks Henrik for the HTTP header hint.

I assume you know that cache hits will not require authentication in
such setup? And this does not only apply to your cache but any cache
on the Internet who have cached the page.

Having auth requirement on such URLs on the server is somewhat odd,
but if you require authentication for URLs higher up in the directory
structure then you will need to mark them as public as browsers will
still think authentication is required to fetch these objects and
thereby make caches also think it is...

If you really want both authentication and caching in your accelerator
then set up authentication in Squid.

Regards
Henrik
Received on Thu Mar 06 2003 - 00:52:03 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:56 MST