[
https://issues.apache.org/jira/browse/TS-2972?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14099830#comment-14099830
]
ASF subversion and git services commented on TS-2972:
-----------------------------------------------------
Commit 38b4765a2e14c07c8884668e072c27166d3ef719 in trafficserver's branch
refs/heads/master from [~zwoop]
[ https://git-wip-us.apache.org/repos/asf?p=trafficserver.git;h=38b4765 ]
TS-2972 Change the hook used, to always do the authproxy phase
> authproxy: Investigate if we can run this (configurable) in a different hook
> ----------------------------------------------------------------------------
>
> Key: TS-2972
> URL: https://issues.apache.org/jira/browse/TS-2972
> Project: Traffic Server
> Issue Type: Improvement
> Components: Plugins
> Reporter: Leif Hedstrom
> Assignee: Leif Hedstrom
> Fix For: 5.1.0
>
>
> The issue is that without a (global) configuration to force us to go through
> the DNS hook on cache hits, we can not use authproxy to protect on cache hits
> (the plugin is bypassed).
> The setting is proxy.config.http.doc_in_cache_skip_dns, and it was added for
> a very valid reason: If the entry in HostDB is stale, we can not serve out of
> cache while it's doing the DNS lookup. This blocks all requests on that URL
> until DNS has finished, which in some cases can take a long time (we had a
> problem where some 3rd party DNS vendor could take up to 1s to resolve).
> My idea / hope is to make authproxy support running in a different hook, such
> that it always can get called. However, the wrinkle is that this is also a
> remap plugin, so whatever hook we pick, it has to happen after remap.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
