Hi,
Il giorno lun, 21/06/2010 alle 17.29 +0200, Tibor Simko ha scritto:
> On Mon, 21 Jun 2010, Samuele Kaplun wrote:
> > As such the whole stack is called upon every request, even partial
> > range request, so performances might be yet not ideals, as
> > mod_wsgi+Invenio is called anyway everytime.
>
> However, the Invenio daemon process should basically quickly return OK
> to Apache to stream the given file (or its parts), if the permissions
> are right, so that back-end processes are quickly liberated to serve the
> next requests. This should enhance the scalability very considerably
> when compared to streaming being done fully by the back-end processes
> themselves.
BTW, this is instead a wild idea I was having in mind, since quite some
time, so I am not sure it will get into Invenio, but I'll propose it
here just in case.
We can indeed, fully delegate to Apache to serve a file, while still
keeping control of it Invenio, by creating a symlink with a random name
(UUID) to the the file and putting it
into /opt/cds-invenio/var/www/path , populate an ad-hoc .htaccess where
we authorize just the given IP address of the requester to access the
UUID (especially in case the file was restricted), and we redirect with
an HTTP temporary redirect the user to such file. Then Apache will
really serve the file with full-authorization checking,
full-range-request support and full available speed :-)
A simple new garbage-collection task should then be implemented not to
fill the filesystem with this UUIDs links.
However the drawbacks would be for restricted files retrieved by users
sitting behind a proxy which would see their IP address shared upon
multiple users. I currently don't know if Apache .htaccess configuration
let you authorize requests based on other features than the IP address
(might it be possible to authorized based on the current session cookie
of the user?)
Cheers,
Sam
