vcl_hash authentication questions

Tollef Fog Heen tfheen at
Mon Oct 4 10:37:19 CEST 2010

]] Ron van der Vegt 

| What do you suggest? Are there other approaches that fit the use-case? How did 
| or would you solve this problem with Varnish?

I'd set a cookie on the backend, sign it using a HMAC, include an expiry
time in the cookie value and validate the HMAC signature + expiry value
using inline C in Varnish.  I don't think there's any examples of this,
but it shouldn't be that hard to write something.

Tollef Fog Heen
Varnish Software
t: +47 21 54 41 73

More information about the varnish-misc mailing list