On 4/26/12 3:20 PM, Bruce Lysik wrote:
Hi,
Can ATS properly cache file objects that require a user to be authenticated via
http basic auth?
I talked to James about this. But yeah, you can make such responses
cacheable, but then they are accessible without authentication, I'm fairly
certain. Hearing about your use case, you'd want to implement a small
plugin, that does e.g. a HEAD request with the client credentials to the
origin, and if it fails, deny the request. If it passes, let the request go
through, and allow ATS to cache the response (or serve out of cache if in
cache).
It's possible there are other things you can do, but I'm not sure what. ATS
itself does not support proxy-auth or WWW-auth right now at least (another
plugin task :).
-- Leif
CONFIG proxy.config.http.cache.ignore_authentication INT 1
