[squid-users] Reverse Proxy of token protected content.

From: Jon Scott Stevens <[email protected]>
Date: Mon, 13 Nov 2006 14:54:40 -0800

Hello Squid Users!

I've been pouring over the documentation and I haven't quite seen a
setup like what I'm trying to do so I'm asking here in the hopes I
can get some help. =)

In the end, I would like to have a setup like this:

Internet -> [Squid -> Apache (mod_python)] -> images/videos mounted
via nfs/smbfs.

Squid is on port 80
Apache is on port 8080
Both are on the same machine.

So, a request comes in like this:

        http://server.com/foobar/images/foo.jpg?t=encryptedstring

The mod_python script intercepts the request in it's accesshandler()
method and either returns OK or HTTP_UNAUTHORIZED based on the data
in the encrypted string. Apache then either serves the content or
returns a 403 header.

Now, what I want to do is put Squid in front of Apache so that I can
cache the image/video content. This would mean that for each request
that comes in, Squid would send a HEAD request to Apache with the
full URI and then either download the content from Apache if it isn't
in the cache, serve the content out of the cache, or not serve it...
all based on what the mod_python script returns.

I've discovered the external_acl_type config argument and I would be
willing to switch from mod_python to that, but it seems to be 3.0
only and I need 2.5.x since that is what is available in Ubuntu.
Also, most importantly, it doesn't seem to have an option to pass the
query string data to the external app.

Anyone else have similar experiences with this type of caching?

thanks!

jon
Received on Mon Nov 13 2006 - 15:54:46 MST

This archive was generated by hypermail pre-2.1.9 : Fri Dec 01 2006 - 12:00:03 MST