authentication - Varnish and ESI HTTP AUTH
I'm lost on this problem, and I don't know what the problem is, so I hope you can help me.
I have HTTP basic authentication with Symfony, and I'm trying to reach a URL protected by this auth with a tag in a Drupal page. Every request is sent to Varnish.
I give the username and password in the URL:
<esi:include src="http://admin:adminpass@api.dev:8081/app.php/next"/>
In the Varnish configuration file, I have these lines for auth.http:
if (req.http.authorization) { return (pass); }
My Symfony backend works without HTTP authentication, and HTTP authentication works when there's no Varnish and no ESI tag.
If you have any idea about the problem, please tell me, even if it's wrong =)
ESI in Varnish doesn't work like an iframe or link tag in a browser, in that it doesn't connect to whatever URL you give it. ESI starts a new request within Varnish and goes through the workflow (vcl_recv, etc.).
You are expecting Varnish to act like an HTTP client, parsing the URL, setting the Authorization header, setting the Host header to api.dev:8081, and initiating a new HTTP connection/request, which it does not. In this case, my guess is that it starts a new req with req.url set to /app.php/next, inheriting the headers from the request for the parent resource (containing the ESI tag), or possibly ignores the ESI tag completely.
The way to accomplish what you want (in vcl_recv):
if (req.esi_level > 0 && req.url == "/app.php/next") {
    set req.http.authorization = "Basic [base64 encoded admin:adminpass]";
    return (pass);
}
And the ESI tag should be <esi:include src="/app.php/next" />
If you need the ESI request to hit a different backend server, you need to add that server as a different named backend:
backend authorization_needed { .host = "api.dev"; .port = "8081"; }
And in vcl_recv, tell Varnish to use it for ESI requests:
if (req.esi_level > 0 && req.url == "/app.php/next") {
    set req.http.authorization = "Basic [base64 encoded admin:adminpass]";
    set req.backend = authorization_needed;
    return (pass);
}
You may also need to set req.http.host in that if block if the backend responds to a different virtual host than "api.dev".
Update:
Since the basic authorization is coming from the client, and you are calling return (pass) when req.http.authorization is present, Varnish will not ESI-process those pages. You must explicitly enable ESI in vcl_fetch(), which is not called when you pass.
So to pass the authorization for the ESI fragments but not the parent page, change this in vcl_recv:
if (req.http.authorization && req.esi_level == 0) {
    set req.http.x-esi-authorization = req.http.authorization;
    unset req.http.authorization;
} else if (req.http.x-esi-authorization && req.esi_level > 0) {
    set req.http.authorization = req.http.x-esi-authorization;
    return (pass);
}
And add this to vcl_fetch:
if (req.http.x-esi-authorization) { set beresp.do_esi = true; }
The net effect is that the parent response is cacheable and will process ESI, and the ESI fragments are passed to the backend with the client's authorization header.
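Added example, not part of the original answer: a simplified Python model of the vcl_recv and vcl_fetch rules from the update, tracing which request reaches the backend with an Authorization header. The function names and the dict-based request are assumptions made for illustration; cache hits and hashing in real Varnish are not modelled.

```python
import base64

def basic_header(user, password):
    """Build an HTTP Basic Authorization header value."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    return "Basic " + token

def vcl_recv(headers, esi_level):
    """Model of the update's vcl_recv rule; returns (action, headers sent on)."""
    h = dict(headers)
    if "authorization" in h and esi_level == 0:
        # Parent page: park the credentials so the response stays cacheable.
        h["x-esi-authorization"] = h.pop("authorization")
    elif "x-esi-authorization" in h and esi_level > 0:
        # ESI fragment: restore the credentials and bypass the cache.
        h["authorization"] = h["x-esi-authorization"]
        return "pass", h
    return "lookup", h

def vcl_fetch(headers):
    """Model of the update's vcl_fetch rule: ESI only when credentials were parked."""
    return {"do_esi": "x-esi-authorization" in headers}

def render_page(client_headers):
    """Trace one parent request and the ESI sub-request it triggers."""
    trace = []
    action, parent = vcl_recv(client_headers, esi_level=0)
    trace.append(("parent", action, parent.get("authorization")))
    if vcl_fetch(parent)["do_esi"]:
        # The sub-request inherits the parent's headers at esi_level 1.
        action, frag = vcl_recv(parent, esi_level=1)
        trace.append(("fragment", action, frag.get("authorization")))
    return trace

if __name__ == "__main__":
    creds = basic_header("admin", "adminpass")  # credentials from the question
    print("with credentials:")
    for step in render_page({"host": "api.dev", "authorization": creds}):
        print("  ", step)
    print("without credentials:")
    for step in render_page({"host": "api.dev"}):
        print("  ", step)
```

In this model a request that arrives without credentials never sets do_esi, so the fragment is not fetched at all; the parent is looked up in the cache with no Authorization header in either case.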