Re: Deprecating URL passwords in cache_object://

From: Mark Nottingham <mnot_at_yahoo-inc.com>
Date: Wed, 15 Oct 2008 12:04:06 +1100

So I think we ended up:

1) change from cache_object:// to http://
2) configurable access path
3) drop authentication suffix (@password) from URL
4) enforce unique_hostname / visible_hostname / hostname_aliases as
the URI authority
5) still pay attention to global_internal_static
6) modify manager acl to suit

Correct?

FWIW, my original use case was to allow passing arguments to cachemgr
functions, so we can do things like:

http://{unique_hostname}/{configurable_access_path}/object?url=http://www.example.com/path

to inspect that object.

On 05/10/2008, at 9:50 AM, Henrik Nordstrom wrote:

> On lör, 2008-10-04 at 19:15 +0200, Kinkie wrote:
>
>> ...which is exactly what I was suggesting at the beginning of this
>> thread.
>> For rproxy scenarios, global_internal_static should cover the cases
>> Mark is worried about.
>> The only doubt I may have is how to best express access control (the
>> current implementation is IMVHO kludgy).
>
> To fit with the rest there should be an acl matching the cachemgr
> action.
>
> Regards
> Henrik

--
Mark Nottingham       mnot_at_yahoo-inc.com
Received on Wed Oct 15 2008 - 01:05:44 MDT

This archive was generated by hypermail 2.2.0 : Wed Oct 15 2008 - 12:00:05 MDT