| Anonymous | Login | Signup for a new account | 12-17-2024 08:35 PST |
| Main | My View | View Issues | Change Log | Docs |
| Viewing Issue Simple Details [ Jump to Notes ] | [ View Advanced ] [ Issue History ] [ Print ] | ||||||||
| ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||||
| 0003065 | [Resin] | minor | always | 11-11-08 09:34 | 03-25-09 16:19 | ||||
| Reporter | ferg | View Status | public | ||||||
| Assigned To | ferg | ||||||||
| Priority | urgent | Resolution | fixed | ||||||
| Status | closed | Product Version | |||||||
| Summary | 0003065: proxy caching and apache authentication | ||||||||
| Description |
(rep by Daniel Wigenfors) We are trying out resin 3.1 at the moment, and we have stumbled upon a strange situation with the resin proxy cache. In short, caching in resin proxy cache does not work when using basic http auth in apache, when removing basic auth, the same request is cached in resin proxy cache. The following conf was changed in apache: <Location /> AuthType Basic AuthName "test" AuthUserFile users AuthGroupFile groups Require group test </Location> We have used the following sample code from your documentation to verify the caching: <%@ page session="false" %> <%! int counter; %> <% long now = System.currentTimeMillis(); response.setDateHeader("Expires", now + 15000); %> Count: <%= counter++ %> Three different ways to access the page has been used. 1. Apache/mod_caucho with http basic auth -> pages are not cached 2. Resin directly through port 8081 -> pages are cached 3. Apache/mod_caucho without http basic auth -> pages are cached Is that a feature or a bug, it's not mentioned anywhere in the documentation as far as we can see? It took us a couple of days to locate the source of the problem. It's not a showstopper for us at the moment, now that we know why it happens. |
||||||||
| Additional Information | |||||||||
| Attached Files | |||||||||
|
|
|||||||||
 Relationships |
|
|
Notes |
|
|
(0003931) ferg 03-25-09 16:19 |
server/2h0n The issue was potentially serving cached pages bypassing the authentication check. |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 11-11-08 09:34 | ferg | New Issue | |
| 03-25-09 16:19 | ferg | Note Added: 0003931 | |
| 03-25-09 16:19 | ferg | Assigned To | => ferg |
| 03-25-09 16:19 | ferg | Status | new => closed |
| 03-25-09 16:19 | ferg | Resolution | open => fixed |
| 03-25-09 16:19 | ferg | Fixed in Version | => 4.0.0 |
| Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
28 total queries executed. 25 unique queries executed. |  |
