|Anonymous | Login | Signup for a new account||12-12-2018 19:02 PST|
|Main | My View | View Issues | Change Log | Docs|
|Viewing Issue Simple Details [ Jump to Notes ]||[ View Advanced ] [ Issue History ] [ Print ]|
|ID||Category||Severity||Reproducibility||Date Submitted||Last Update|
|0003065||[Resin]||minor||always||11-11-08 09:34||03-25-09 16:19|
|Summary||0003065: proxy caching and apache authentication|
(rep by Daniel Wigenfors)
We are trying out resin 3.1 at the moment, and we have stumbled upon a strange situation with the resin proxy cache. In short, caching in resin proxy cache does not work when using basic http auth in apache, when removing basic auth, the same request is cached in resin proxy cache.
The following conf was changed in apache:
Require group test
We have used the following sample code from your documentation to verify the caching:
<%@ page session="false" %>
<%! int counter; %>
long now = System.currentTimeMillis();
response.setDateHeader("Expires", now + 15000);
Count: <%= counter++ %>
Three different ways to access the page has been used.
1. Apache/mod_caucho with http basic auth -> pages are not cached
2. Resin directly through port 8081 -> pages are cached
3. Apache/mod_caucho without http basic auth -> pages are cached
Is that a feature or a bug, it's not mentioned anywhere in the documentation as far as we can see? It took us a couple of days to locate the source of the problem. It's not a showstopper for us at the moment, now that we know why it happens.
The issue was potentially serving cached pages bypassing the authentication check.
|11-11-08 09:34||ferg||New Issue|
|03-25-09 16:19||ferg||Note Added: 0003931|
|03-25-09 16:19||ferg||Assigned To||=> ferg|
|03-25-09 16:19||ferg||Status||new => closed|
|03-25-09 16:19||ferg||Resolution||open => fixed|
|03-25-09 16:19||ferg||Fixed in Version||=> 4.0.0|
| Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
28 total queries executed.|
25 unique queries executed.