Logged-in users

Darryl Dixon - Winterhouse Consulting darryl.dixon at winterhouseconsulting.com
Wed Nov 26 22:45:37 CET 2008

We do both depending on scenario: we use ajax to update parts of a page
after-delivery (poor mans ESI ;) as suggested by Tim, and we also have a
custom vcl_hash that caches different copies of pages depending on various
cookies and other conditions (much as Miles suggests). Both fit depending
on the use-case.

Miles: FWIW, the CacheFu product for Plone may assist you to maximise the
caching potential of your site without too many custom tweaks to your
Varnish rules.

Darryl Dixon
Winterhouse Consulting Ltd

> Another approach is to simply use a small bit of Javascript.  It's
> easy to test for the existence of the cookie in Javascript and
> set that text conditionally.
> Then you have only one copy of the page to be cached.
> The problem with the approach you've outlined here is
> that other downstream caches won't understand the difference
> (although most will simply refuse to cache any responses
> if the request had a cookie header).  Whereas the Javascript
> approach also allows downstream caches to cache everything
> efficiently.
> Tim
> On Nov 26, 2008, at 12:31 PM, Miles wrote:
>> Miles wrote:
>>> Hi,
>>> I have a site where users can log in.  This sets a cookie with their
>>> encrypted login details, so they can be authenticated.  There are a
>>> small number of pages which are user-specific ("change your details"
>>> forms, etc), and these are set not to cache.
>>> When a user is logged in, a message is shown at the top of the page
>>> "You
>>> are now logged in".  However, nothing on the page depends on the
>>> individual user.
>>> My question is, how can I organise the cache to have the most cache
>>> hits, given that there are effectively two versions of each page -
>>> one
>>> for logged in users, and one for anonymous users.  I want to
>>> specifically avoid each user having their own version of the page
>>> stored
>>> in the cache.
>>> Thanks in advance for any wisdom anyone can share!
>>> Miles
>> Thanks to everyone who suggested using ESI - I may have to use this,
>> but
>> would quite like to avoid it, as it's useful to be able to run the app
>> without varnish in front for development/testing.
>> I wondered whether it was possible to use vcl_hash for my purposes, as
>> follows:
>> sub vcl_hash {
>>    //hash the object with url+host
>>    set req.hash += req.url;
>>    set req.hash += req.http.host;
>>    # see if the user has a cookie to indicate they are logged in
>>    if req.http.cookie ~ '__ac=':
>>       set req.hash += 'authenticated';
>>    else:
>>       set req.hash += 'anonymous'
>>    hash;
>> }
>> Would this give me the two representations that I require for each
>> page
>> - or am I going down a route that will turn out bad?!  I couldn't find
>> much information about vcl_hash, so I'm not sure if I'm barking up the
>> wrong tree or not...
>> Regards,
>> Miles
>> _______________________________________________
>> varnish-misc mailing list
>> varnish-misc at projects.linpro.no
>> http://projects.linpro.no/mailman/listinfo/varnish-misc
> _______________________________________________
> varnish-misc mailing list
> varnish-misc at projects.linpro.no
> http://projects.linpro.no/mailman/listinfo/varnish-misc

More information about the varnish-misc mailing list