
<div dir="ltr">Hey guys,<div><br></div><div> Ok so I have a website that uses apache basic authentication that needs to be cached.</div><div><br></div><div> When apache auth is in the config, I get a 503 error and this is what I see in the varnishlog:</div><div><br></div><div><div>    0 Backend_health - web2 Still sick 4--X-R- 0 3 5 0.014946 0.000000 HTTP/1.1 401 Unauthorized</div><div>    0 Backend_health - web1 Still sick 4--X-R- 0 3 5 0.014766 0.000000 HTTP/1.1 404 Not Found</div><div><br></div><div>As soon as I remove apache auth from the site, it starts working from behind varnish.</div><div><br></div><div>So I tried using this tutorial to cache the site with authentication in place: </div><div><br></div><div><a href="http://blog.tenya.me/blog/2011/12/14/varnish-http-authentication/">http://blog.tenya.me/blog/2011/12/14/varnish-http-authentication/</a><br></div><div><br></div><div>Here's my vcl file:</div><div><br></div><div>


<p class="">probe healthcheck {</p>

<p class="">  .url = "/healthcheck.php";</p>

<p class="">  .timeout = 5s;</p>

<p class="">  .interval = 2s;</p>

<p class="">  .window = 5;</p>

<p class="">  .threshold = 3;</p>

<p class="">}</p>

<p class=""><br></p>

<p class="">backend web1 {</p>

<p class="">  .host = “10”10.10.25”;</p>

<p class="">  .port = "80";</p>

<p class="">  .probe = healthcheck;</p>

<p class="">  .connect_timeout = 30s;</p>

<p class="">  .first_byte_timeout = 30s;</p>

<p class="">  .between_bytes_timeout = 30s;</p>

<p class="">  .max_connections = 70;</p>

<p class="">}</p>

<p class=""><br></p>

<p class="">backend web2 {</p>

<p class="">  .host = “10.10.10.26;</p>

<p class="">  .port = "80";</p>

<p class="">  .probe = healthcheck;</p>

<p class="">  .connect_timeout = 30s;</p>

<p class="">  .first_byte_timeout = 30s;</p>

<p class="">  .between_bytes_timeout = 30s;</p>

<p class="">  .max_connections = 70;</p>

<p class="">}</p>

<p class=""><br></p>

<p class=""><br></p>

<p class="">director www client {</p>

<p class="">  { .backend = web1 ; .weight = 2;  }</p>

<p class="">  { .backend = web2 ; .weight = 2;  }</p>

<p class=""> }</p>

<p class=""><br></p>

<p class=""><br></p>

<p class="">sub vcl_recv {</p>

<p class=""><br></p>

<p class=""><br></p>

<p class="">    set req.backend = www;</p>

<p class=""><br></p>

<p class="">    unset req.http.cookie;</p>

<p class=""><br></p>

<p class="">    if (! req.http.Authorization ~ "Basic someBase64hash”)</p>

<p class="">    {</p>

<p class="">        error 401 "Restricted";</p>

<p class="">     }</p>

<p class=""><br></p>

<p class="">    if (req.backend.healthy) {</p>

<p class="">       set req.grace = 30s;</p>

<p class="">      } else {</p>

<p class="">        set req.grace = 4h;</p>

<p class="">    }</p>

<p class=""><br></p>

<p class="">    return (lookup);</p>

<p class="">}</p>

<p class=""><br></p>

<p class="">sub vcl_fetch {</p>

<p class=""><br></p>

<p class=""><br></p>

<p class="">   if ( req.url ~ "^/index.php$" || req.url ~  "^/cometchat/cometchat_receive.php$") {</p>

<p class="">      set beresp.ttl = 3600s;</p>

<p class="">   }</p>

<p class=""><br></p>

<p class="">    set beresp.grace = 4h;</p>

<p class=""><br></p>

<p class="">    return (deliver);</p>

<p class="">}</p>

<p class=""><br></p>

<p class="">sub vcl_error {</p>

<p class=""><br></p>

<p class="">  if (obj.status == 401) {</p>

<p class="">  set obj.http.Content-Type = "text/html; charset=utf-8";</p>

<p class="">  set obj.http.WWW-Authenticate = "Basic realm=Secured";</p>

<p class="">  synthetic {"</p>

<p class=""><br></p>

<p class=""> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"</p>

<p class=""> "<a href="http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd">http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd</a>"></p>

<p class=""><br></p>

<p class=""> <HTML></p>

<p class=""> <HEAD></p>

<p class=""> <TITLE>Error</TITLE></p>

<p class=""> <META HTTP-EQUIV='Content-Type' CONTENT='text/html;'></p>

<p class=""> </HEAD></p>

<p class=""> <BODY><H1>401 Unauthorized (varnish)</H1></BODY></p>

<p class=""> </HTML></p>

<p class=""> "};</p>

<p class="">  return (deliver);</p>

<p class="">  }</p>

<p class=""><br></p>

<p class=""><br></p>

<p class="">}</p>

<p class=""><br></p>

<p class="">sub vcl_deliver {</p>

<p class="">     if (obj.hits> 0) {</p>

<p class="">      set resp.http.X-Cache = "HIT";</p>

<p class="">     } else {</p>

<p class="">        set resp.http.X-Cache = "MISS";</p>

<p class="">     }</p>

<p class=""> }</p>

<p class="">I'd appreciate any tips on how to get this to work you may have!</p><p class=""><br></p><p class="">Thanks,</p><p class="">Tim</p><p class=""><br></p><p class=""><br></p></div><div><br></div>-- <br><div class="gmail_signature">GPG me!!<br><br>gpg --keyserver <a href="http://pool.sks-keyservers.net" target="_blank">pool.sks-keyservers.net</a> --recv-keys F186197B<br><br></div>

</div></div>