António P. P. Almeida
appa at perusio.net
Mon Feb 13 21:43:55 UTC 2012
On 13 Fev 2012 21h13 WET, nginxyz at mail.ru wrote:
> 13 февраля 2012, 21:58 от António P. P. Almeida <appa at perusio.net>:
>> On 12 Fev 2012 15h32 WET, guilherme.e at gmail.com wrote:
>> You can use the auth_request module for that then.
>> I've replicated the mercurial repo on github:
>> It involves setting up a location that proxy_pass(es) to the Apache
>> upstream and returns 403 if not allowed to access.
> Maxim's auth_request module is great, but AFAIK, it doesn't
> support caching, which makes it unsuited to the OP's
> situation because the OP wants to cache large files from
> the backend server(s).
> The access_by_lua solution I proposed, on the other hand,
> does make it possible to cache the content, and if one should
> want, even the IP-based authorization information in a
> separate cache zone.
AFAIK the authorization occurs well before any content is served. What
does that have to with caching?
Using access_by_lua with a subrequest like you suggested is, AFAICT,
equivalent to using auth_request.
IIRC the OP wanted first to check if a given client could access a
certain file. If it can, then it gets the content from the cache or
whatever he decides.
More information about the nginx