Question about designed solution with dynamic backend setup based on csv-file with backend Basic Authentication
Lasse Karstensen
lkarsten at varnish-software.com
Tue Feb 18 11:10:07 CET 2014
On Thu, Feb 06, 2014 at 04:30:08PM +0100, Aleksandar Lazic wrote:
> I have the following need.
> A external script make a request to varnish and varnish, get a
> picture from the
> specified backend in the mapping file.
> Store the for ~5Min (=ttl=5m) and the re-fetch it from the backend.
> 1.) There is a mapping file which looks like this.
> id;URL;username;password
> 2.) Build per ID a backend with username:password
> 3.) Use the right backend for the $REQUEST
> 4.) Check the backend for availability.
[..]
> @2.) Write a script which create a $ID.vcl with the necessary
> "backend $ID { ...}" files.
> This script add also a 'sub vcl_recv {...}' per backend with header
>
> set req.http.Authorization = "BASIC [base64 encoded
> admin:adminpass]"
If this is for the backend connection/requests, you need to set it on bereq in
vcl_miss.
If you want to validate a client basic auth session, you should let your generating
script write a long if-else segment that checks that the data, not setting/overriding
it.
> @3.) add include $sysconfdir/conf.d/*.vcl into default.vcl
> @4.) I will use https://www.varnish-cache.org/docs/3.0/reference/vcl.html?highlight=include#backend-probes
> with .request option for the Auth-Header.
> This solution is very specific for my set-up.
> Is there a more generic varnish-way to solve my need?
No, this should be fine.
> Can I use some 'scripting' possibilities in varnish?
That is what VCL is for. You're already doing it.
> Is this possible "$sysconfdir/conf.d/*.vcl"?
No. varnishd will only read a single VCL file, and VCL include entries does not
support globbing/wildcards.
--
With regards,
Lasse Karstensen
Varnish Software AS
More information about the varnish-misc
mailing list