<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office"><head><!--[if gte mso 9]><xml><o:OfficeDocumentSettings><o:AllowPNG/><o:PixelsPerInch>96</o:PixelsPerInch></o:OfficeDocumentSettings></xml><![endif]--></head><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:16px"><div id="yui_3_16_0_ym19_1_1487801509296_7423">Hi everyone,</div><div id="yui_3_16_0_ym19_1_1487801509296_8709"><br></div><div dir="ltr" id="yui_3_16_0_ym19_1_1487801509296_8690">I am looking for a module which does the authentication/access control for reverse proxy (preferable `nginx`). This module should do:<br id="yui_3_16_0_ym19_1_1487801509296_8663"><br id="yui_3_16_0_ym19_1_1487801509296_8664"> 1. user authentication using credential stored in database (such as postgres)<br id="yui_3_16_0_ym19_1_1487801509296_8665"> 2. Monitoring the ongoing connection and take action if certain access credential is met. For example, time is expired<br id="yui_3_16_0_ym19_1_1487801509296_8666"> 3. open source (allow customization) and nginx, ruby(rails) preferable. <br id="yui_3_16_0_ym19_1_1487801509296_8667"><br id="yui_3_16_0_ym19_1_1487801509296_8668">It seems that [`OpenResty`][1] with `nginx` can do the job. Here is an [article][2] talking about access control with `Lua` on `nginx`. Here is an example (`nginx and Lua`) giving me impression that a snippet of file could executed for access (`access_by_lua_file`):<br id="yui_3_16_0_ym19_1_1487801509296_8669"><br id="yui_3_16_0_ym19_1_1487801509296_8670"> server {<br id="yui_3_16_0_ym19_1_1487801509296_8671"> listen 8080;<br id="yui_3_16_0_ym19_1_1487801509296_8672"> <br id="yui_3_16_0_ym19_1_1487801509296_8673"> location / {<br id="yui_3_16_0_ym19_1_1487801509296_8674"> auth_basic "Protected Elasticsearch";<br id="yui_3_16_0_ym19_1_1487801509296_8675"> auth_basic_user_file passwords;<br id="yui_3_16_0_ym19_1_1487801509296_8676"> <br id="yui_3_16_0_ym19_1_1487801509296_8677"> access_by_lua_file '../authorize.lua'; #<<<=====<br id="yui_3_16_0_ym19_1_1487801509296_8678"> <br id="yui_3_16_0_ym19_1_1487801509296_8679"> proxy_pass http://elasticsearch;<br id="yui_3_16_0_ym19_1_1487801509296_8680"> proxy_redirect off;<br id="yui_3_16_0_ym19_1_1487801509296_8681"> }<br id="yui_3_16_0_ym19_1_1487801509296_8682"> <br id="yui_3_16_0_ym19_1_1487801509296_8683"> }<br id="yui_3_16_0_ym19_1_1487801509296_8684"><br id="yui_3_16_0_ym19_1_1487801509296_8685">I am new to access control with reverse proxy. Any thought is appreciated.<br id="yui_3_16_0_ym19_1_1487801509296_8686"><br id="yui_3_16_0_ym19_1_1487801509296_8687"><br id="yui_3_16_0_ym19_1_1487801509296_8688"> [1]: https://github.com/openresty/lua-nginx-module<br id="yui_3_16_0_ym19_1_1487801509296_8689"> [2]: <a href="https://www.elastic.co/blog/playing-http-tricks-nginx" class="enhancr2_bacaeb41-47a5-a60c-7b1f-277462fe2666" id="yui_3_16_0_ym19_1_1487801509296_8693">Playing HTTP Tricks with Nginx</a><br></div><div id="yui_3_16_0_ym19_1_1487801509296_8712"><br></div><div id="enhancr2_bacaeb41-47a5-a60c-7b1f-277462fe2666" class="yahoo-link-enhancr-card ymail-preserve-class ymail-preserve-style" style="max-width:400px;font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;" data-url="https://www.elastic.co/blog/playing-http-tricks-nginx" data-type="yenhancr" data-category="article" data-embed-url="" data-size="medium" dir="ltr" contenteditable="false"> <a href="https://www.elastic.co/blog/playing-http-tricks-nginx" style="text-decoration:none !important; color: #000 !important;" class="yahoo-enhancr-cardlink" target="_blank" rel="noreferrer" id="yui_3_16_0_ym19_1_1487801509296_8726"> <table class="card-wrapper yahoo-ignore-table" style="max-width:400px;" id="yui_3_16_0_ym19_1_1487801509296_8725" cellspacing="0" cellpadding="0" border="0"> <tbody id="yui_3_16_0_ym19_1_1487801509296_8724"><tr id="yui_3_16_0_ym19_1_1487801509296_8723"> <td id="yui_3_16_0_ym19_1_1487801509296_8722" width="400"> <table class="card yahoo-ignore-table" style="max-width:400px;" id="yui_3_16_0_ym19_1_1487801509296_8721" width="100%" cellspacing="0" cellpadding="0" border="0"> <tbody id="yui_3_16_0_ym19_1_1487801509296_8720"><tr id="yui_3_16_0_ym19_1_1487801509296_8719"> <td class="card-primary-image-cell" style="background:#000 url('https://s.yimg.com/vv//api/res/1.2/09d2.sS33.sVZwsTCP8ePg--/YXBwaWQ9bWFpbDtmaT1maWxsO2g9MjAwO3c9NDAw/https://www.elastic.co/assets/blt6596905a93aad536/playing-chess.jpg.cf.jpg') no-repeat center center;background-size:cover;height:200px;position:relative;" id="yui_3_16_0_ym19_1_1487801509296_8718" valign="top" bgcolor="#000000" background="https://s.yimg.com/vv//api/res/1.2/09d2.sS33.sVZwsTCP8ePg--/YXBwaWQ9bWFpbDtmaT1maWxsO2g9MjAwO3c9NDAw/https://www.elastic.co/assets/blt6596905a93aad536/playing-chess.jpg.cf.jpg"> <!--[if gte mso 9]><v:rect fill="true" stroke="false" style="width:400px;height:218px;position:absolute;top:0;left:0;"><v:fill type="frame" color="#000000" src="https://s.yimg.com/vv//api/res/1.2/09d2.sS33.sVZwsTCP8ePg--/YXBwaWQ9bWFpbDtmaT1maWxsO2g9MjAwO3c9NDAw/https://www.elastic.co/assets/blt6596905a93aad536/playing-chess.jpg.cf.jpg"/></v:rect><![endif]--> <table class="yahoo-ignore-table" valign="top" style="width:100%;" id="yui_3_16_0_ym19_1_1487801509296_8717" cellspacing="0" cellpadding="0" border="0"> <tbody id="yui_3_16_0_ym19_1_1487801509296_8716"><tr id="yui_3_16_0_ym19_1_1487801509296_8715"> <td style="background:transparent url('https://s.yimg.com/nq/storm/assets/enhancrV2/12/overlay-tile.png') repeat left top;height:200px;" id="yui_3_16_0_ym19_1_1487801509296_8714" valign="top" bgcolor="transparent" background="https://s.yimg.com/nq/storm/assets/enhancrV2/12/overlay-tile.png"> <!--[if gte mso 9]><v:rect fill="true" stroke="false" style="width:400px;height:218px;position:absolute;top:-18px;left:0;"><v:fill type="pattern" color="#000000" src="https://s.yimg.com/nq/storm/assets/enhancrV2/12/overlay-tile.png"/><v:textbox inset="0,0,20px,0"><![endif]--> <table class="yahoo-ignore-table" style="width:100%;height:185px;min-height:185px;" id="yui_3_16_0_ym19_1_1487801509296_8713" height="185"> <tbody><tr> <td class="card-richInfo2" style="text-align:left;text-align:left;padding:15px 0 0 15px;vertical-align:top;"> </td> <td class="card-actions" style="text-align:right;padding:15px 15px 0 0;vertical-align:top;"> <div class="card-share-container"></div> </td> </tr> </tbody></table> <!--[if gte mso 9]></v:textbox></v:rect><![endif]--> </td> </tr> </tbody></table> </td> </tr> <tr> <td> <table class="card-info yahoo-ignore-table" style="background:#fff;position:relative;z-index:2;width:95%;max-width:380px;border:1px solid #e0e4e9;border-bottom:3px solid #000000;margin-top:-40px;margin-left:auto;margin-right:auto;" cellspacing="0" cellpadding="0" border="0" align="center"> <tbody><tr> <td style="background-color:#ffffff;padding:16px 0 16px 12px;vertical-align:top;"> </td> <td style="vertical-align:middle;padding:16px 12px;width:99%;"> <h2 class="card-title" style="font-size: 16px; line-height:19px; margin:0 0 4px 0;font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;word-break:break-word;">Playing HTTP Tricks with Nginx</h2> <div class="card-description" style="font-size:11px;line-height:15px;color:#999;word-break:break-word;">Update November 2, 2015: If you're interested in advanced access control configuration or other security fea...</div> </td> <td style="text-align:right;padding:16px 12px 16px 0;"> </td> </tr> </tbody></table> </td> </tr> </tbody></table> </td> </tr> </tbody></table> </a></div><div id="yui_3_16_0_ym19_1_1487801509296_8746"><br></div></div></body></html>