Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Varnish: Misc

varnish + sharepoint 2010

 

 

Varnish misc RSS feed   Index | Next | Previous | View Threaded


sean8sean at gmail

Feb 1, 2012, 5:12 PM

Post #1 of 2 (764 views)
Permalink
varnish + sharepoint 2010

Sharepoint 2010, typical installation. Protected with Kerberos/SPNEGO ...
looking to
squeeze the most i can out of varnish to reduce effect of latency on our
private WAN.

A number of the key urls are for public consumption (images for corporate
news/js/css/axd), but the entire Sharepoint site is protected - how can i
bypass the default behavior and cache the result of authenticated requests
for future GETs ?


pprocacci at datapipe

Feb 1, 2012, 5:35 PM

Post #2 of 2 (699 views)
Permalink
Re: varnish + sharepoint 2010 [In reply to]

So you need to check if a user is authorized for an object (which may or may not already be cached by Varnish) by means of an external application. (Sharepoint)

Something along the lines perhaps?

###################################
sub vcl_recv {
if (req.url ~ "^/authorized_content") {
if (req.restarts == 0) {
set req.backend = authorization_backend;
return(pass);
} else {
set req.backend = real_backend;
set req.url = regsub(req.url, "_authorize_me", "");
}
}
}

sub vcl_fetch {
if (req.url ~ "^/authorized_content" && req.restarts == 0) {
if (beresp.status == 200) {
restart;
} else {
error 403 "Not authorized";
}
}
}
###################################

Part of the problem is, Varnish doesn't know what's authorized and it will have to check every request to ensure a request is in fact authorized for the given content.
Other than the above brief example, you could possibly create a vmod that caches responses from the `authorization_backend` and uses that for future requests. (if one doesn't exist already)

~Paul

On Wed, Feb 01, 2012 at 08:12:56PM -0500, Sean McHugh wrote:
> Sharepoint 2010, typical installation. Protected with Kerberos/SPNEGO ...
> looking to
> squeeze the most i can out of varnish to reduce effect of latency on our
> private WAN.
>
> A number of the key urls are for public consumption (images for corporate
> news/js/css/axd), but the entire Sharepoint site is protected - how can i
> bypass the default behavior and cache the result of authenticated requests
> for future GETs ?

> _______________________________________________
> varnish-misc mailing list
> varnish-misc [at] varnish-cache
> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc

________________________________

This message may contain confidential or privileged information. If you are not the intended recipient, please advise us immediately and delete this message. See http://www.datapipe.com/legal/email_disclaimer/ for further information on confidentiality and the risks of non-secure electronic communication. If you cannot access these links, please notify us by reply message and we will send the contents to you.

_______________________________________________
varnish-misc mailing list
varnish-misc [at] varnish-cache
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc

Varnish misc RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.