hi, has anyone done something like this (high level description...):
Web application sets cookie for user authentication, varnish acts as reverse proxy in front of dedicated image servers and checks if the cookie send by the user is a valid cookie set by the web application. Meaning that varnish can validate cookies (or session tokens attached to the GET request) against an external validating service, cache the result for a given TTL and then serve the requested content (or not). Required level of security is low: The idea is to prevent the world from accessing media files on the dedicated image servers without login to the main web application. No superprivate data to protect. If someone could theoretically gain access to a few files due to some TTL race conditions or such, thats no tragedy. No roles, per file permission etc. (for now...). I'm quite sure it's possible by inlining C in VCL. Do you think this could be possible out of the box with some trickery? Like creating an URL from the cookie, check this URL for 200 OK, cache the result, check further requests against the cached results or so? Regards Simon _______________________________________________ varnish-misc mailing list [email protected] http://projects.linpro.no/mailman/listinfo/varnish-misc
