Logged-in users

Miles miles at jamkit.com
Wed Nov 26 21:31:19 CET 2008

Miles wrote:
> Hi,
> I have a site where users can log in.  This sets a cookie with their 
> encrypted login details, so they can be authenticated.  There are a 
> small number of pages which are user-specific ("change your details" 
> forms, etc), and these are set not to cache.
> When a user is logged in, a message is shown at the top of the page "You 
> are now logged in".  However, nothing on the page depends on the 
> individual user.
> My question is, how can I organise the cache to have the most cache 
> hits, given that there are effectively two versions of each page - one 
> for logged in users, and one for anonymous users.  I want to 
> specifically avoid each user having their own version of the page stored 
> in the cache.
> Thanks in advance for any wisdom anyone can share!
> Miles

Thanks to everyone who suggested using ESI - I may have to use this, but 
would quite like to avoid it, as it's useful to be able to run the app 
without varnish in front for development/testing.

I wondered whether it was possible to use vcl_hash for my purposes, as 

sub vcl_hash {

    //hash the object with url+host
    set req.hash += req.url;
    set req.hash += req.http.host;

    # see if the user has a cookie to indicate they are logged in
    if req.http.cookie ~ '__ac=':
       set req.hash += 'authenticated';
       set req.hash += 'anonymous'


Would this give me the two representations that I require for each page 
- or am I going down a route that will turn out bad?!  I couldn't find 
much information about vcl_hash, so I'm not sure if I'm barking up the 
wrong tree or not...



More information about the varnish-misc mailing list