Depending on the frequency of clients accessing the mail services on your proxy and how many resources are available to the authentication service, you may want to introduce a caching layer into the setup. To this end, we will integrate
memcached as an in-memory store for authentication information.
NGINX can look up a key in
memcached, but only in the context of a location in the
http module. Therefore, we will have to implement our own caching layer outside of NGINX.
As the flowchart shows, we will first check whether or not this username/password combination is already in the cache. If not, we will query our authentication ...