eZ Community » Forums » eZ Publish 5 Platform » Http Cache and current user
expandshrink

Http Cache and current user

Http Cache and current user

Tuesday 30 September 2014 6:32:26 pm - 8 replies

Hi,

In my new ez5 application in which only authentified users have access, if I open some pages with a user, then logout and then login with a different user, whenever I go to the pages I opened previously, I am in the context of the previous user (the user name displayed in my top user menu).

Do you have any idea what the problem can be and how to fix that it ?

Thanks for your help,

Hakim

Tuesday 30 September 2014 7:01:38 pm

Is there just a way to at least disable the http_cache ?

I am using 2014.07.

Whenever I empty the cache/prod/http_cache the problem is fixed, so ... untill I understand how to manage this cache, if I can get rid of this cache at least I will not have user accessing stuff they should not...

Thanks,

Hakim

Tuesday 30 September 2014 9:20:26 pm

If you really want to disable http cache and use our own custom controllers just set 

$response->setPrivate();

You should not have such kind of problems with standard view location controllers, but stiil you are able to completely disable http cache in config:

ezpublish:    

  system:        

     my_siteaccess:            

         content:                

             view_cache: false

 

See here: https://doc.ez.no/display/EZP/HttpCache#HttpCache-Configuration 

Modified on Tuesday 30 September 2014 9:21:42 pm by Andrey Astakhov

Tuesday 30 September 2014 9:31:00 pm

Similarly to legacy view cache, http cache in 5.x as of 5.2 and higher varies on user rights. The way to make it vary on user itself in new stack (you should only need to do this for views that display specific user data like user name btw, you should not do this globally as you then loose the effect of having cache):

Either override controller for the specific content/location view, or in case of specify calls from page layout change it to call a custom controllers, in both cases either set to private as mentioned by Andrey, or try to vary by session cookie*

 

* Note, also make sure cache expires after some time and still also varies by user rights in case of: user getting different rights by either policy changes or login/logut, or session id in some distant future gets reused for a new session (or maybe more realistic someone tries to take over session as a way to attack your site).  PS: Might be better ways to vary by user id.

Thursday 02 October 2014 4:24:59 pm

BTW, the best way to completely disable HTTP Cache is to just change the ENV variable in your VirtualHost config, this is passed on to our custom index.php which accepts most things to be customized this way as opposed to having to change it like in Symfony standard distribution.

Friday 03 October 2014 12:36:26 pm

Thanks André and Andrey for your answers.

I used the "view_cache:false" solution proposed by Andrey in oder to have something working quickly.

I will go back to this problem later, going deeper in the cache management of each parts, as explained by André.

Thanks again for your help,

Hakim

Modified on Friday 03 October 2014 12:36:56 pm by Hakim Bouras

Monday 26 January 2015 3:46:54 pm

Hello all,

I up this thread a bit.

I am running a legacy instance through sf2 stack.

I am trying to disabled view caching for dev purpose but i can't find how to do so. In ezpublish.yml, I have this (doris is my siteaccess name) :

doris:

- content:

-- view_cache: false

But it does not work.

Any idea why ?

 

Thank you

Modified on Monday 26 January 2015 3:47:21 pm by Paul Etienney

Monday 26 January 2015 4:08:33 pm

As of this commit, your only option is to enabled "DevelopmentMode":

https://github.com/ezsystems/ezpu...71dc906642fbccd8495cd8df47894fbd7cc0

Monday 26 January 2015 4:26:42 pm

Bingo !

Thank you very much Peter.

expandshrink

You must be logged in to post messages in this topic!

36 542 Users on board!

Forums menu

Proudly Developed with from