Hi Folks,
Have squid sitting in front of our site and the pages have a design attached with 'logged in' design areas that have edit buttons etc if folks have permissions.
So the problem: if they login - they get referred back to the page they came from - which gets served from the squid cache and they cannot see the buttons (adding /_nocache or shift refresh solves it but they have to do that for everypage they visit whilst logged in). I'd previously setup a DENY rule for the presence of the SQ_SYSTEM_SESSION cookie which when I set it up (and was testing it - 3.16) seemed to get set only when logging in (could be wrong) whereas now (3.18) it seems to be set logged in or not (well what http_live_headers reports anyway)? Certainly when traffic went up recently it slowed things down due to everything being passed through so had to remove it.
The only work around I can think of is to use javascript to rewrite the value of the hidden referrer field on the login screen to append '/_nocache' then add some more javascript to a logged in area that sets another cookie and use that (not quite worked out how to remove that on logging out tho…). That just seems over complicated and dirty so I think I must me missing something.
Just wondered what everyone else does / would do with a problem I'm having
Cheers
K
Hey there,
You are right that Matrix sets the SQ_SYSTEM_SESSION cookie whether you are logged in or not.
The fact is, if you need a page to be dynamic, you cannot really cache it with a proxy server. You need to explicitly come up with a list of pages that are dynamic, or somehow intelligently create some kind of URL pattern that is not cached.
If you are customising content on every page when a user is logged in, you could apply two URLs to a site - one that is cached by the proxy and one that is not. When you direct a user to log in, you take them to the non-cached URL, where they can continue to browse the site dynamically. When they log out, you can redirect them back to the public (cached) site.
This is a slight pain, but set up a second URL admin.sitename.x and tell SQUID to ignore it completely.
Make you content editors switch when they edit a page. Or you could write a small bookmarklet to swap admin for www and append _edit or _admin
This will create a higher load on the system, so people should avoid being logged in unnecessarily.
cheers,
Richard
Just a note for clarity; Matrix has always set the SQ_SYSTEM_SESSION cookie for all users, logged in or otherwise. If you are not logged in, Matrix logs you in as the Public User asset. There was no change to this behavior in 3.18.
[quote]This is a slight pain, but set up a second URL admin.sitename.x and tell SQUID to ignore it completely.
Make you content editors switch when they edit a page. Or you could write a small bookmarklet to swap admin for www and append _edit or _admin
This will create a higher load on the system, so people should avoid being logged in unnecessarily.
cheers,
Richard[/quote]
Cheers - ok at least I'm not doing anything too barking - issue is that we will eventually have upward of 20 domains - given that each SSL hosted site needs its own IP so that would double the requirement - think I'll do something in javascript to set the cookie.
K