IBM Lotus Domino - reverse proxy - do not cache if authenticated web user (based on cookie)

Ryan Malayter malayter at gmail.com
Tue Mar 30 19:57:00 MSD 2010


On Tue, Mar 30, 2010 at 2:58 AM,  <Pekka.Panula at sofor.fi> wrote:
> Hi
>
> My backend is IBM Lotus Domino and its HTTP task. I have application that
> has admin panel thats been used with end-user's browser.
> Currently i am using cache but that admin panel goes crazy because of
> caching. So, goal is to prevent caching if user is authenticated.
> IBM Lotus Domino uses Cookie named DomAuthSessId which has session id.
>
> So on global level i have configured:


What cache-control headers does the back-end domino set? You can see
this with a tool like fiddler or Firebug... that makes all the
difference in how you need to configure nginx to override its behavior
if it is undesirable.

If all of the domino stuff is under a small set of URLs, you can
simply add a location for those that does not have "proxy_cache one;"
which is far simpler than trying to override the back-end's
cache-control headers. This means you will need to move your
"proxy_cache one;" from the http block to any inner location blocks
that need caching.

Also, this line "proxy_cache_valid any 1m;" looks like it could be
problematic if the back-end isn't setting cache-control headers at
all. You're basically saying "cache everything for at least a minute"
with that line, which you clearly do not want.

> Would this work if i do something like this?
>
>   location / {
>       # if authenticated domino user, disable cache
>       if ($http_cookie ~* "DomAuthSessId") {
>          proxy_cache_valid  200 302 304 none;
>          proxy_cache_valid  301 none;
>       }
>       proxy_pass http://some.ip.add.ress
>  }
>

I do not think proxy_* directives are valid inside an "if" block. Did
you try it?


-- 
RPM



More information about the nginx mailing list