Is authentication not supported over https?

Wayne E. Seguin wayneseguin at
Sat Mar 3 15:43:12 MSK 2007

On Mar 02, 2007, at 14:14 , Wayne E. Seguin wrote:
> New issue, I can't seem to use the basic authentication with https.
> Is authentication not supported over https?

I figured out how to get it working, it still doesn't make sense to  
me though.

What I did to get it working was move the auth lines into the server/  
section from the location/ section contained within.

Even though the documentation
specifically states that context may be "context: http, server,  
location, limit_except".

My best guess as to why this move worked is something to the tune of:
The auth was literally ONLY applying to / and once the location went  
away from / it no longer worked...
but that's only a half-baked idea.


For your reference, the working sections are below:

http {
server {
   # port to listen on. Can also be set to an IP:PORT
   listen 443;

   ssl                  on;
   ssl_certificate      /etc/nginx/ssl/;
   ssl_certificate_key  /etc/nginx/ssl/;
   #keepalive_timeout    70;

   # Set the max size for file uploads to 50Mb
   client_max_body_size 50M;

   # sets the domain[s] that this vhost server requests for

   auth_basic            "Restricted";
   auth_basic_user_file  /etc/nginx/users;

   # doc root
   root /home/jentryx_blog/current/public;

   # vhost specific access log
   access_log  /var/log/nginx.vhost.access.log  main;

   # this rewrites all the requests to the maintenance.html
   # page if it exists in the doc root. This is for capistrano's
   # disable web task
   if (-f $document_root/system/maintenance.html) {
     rewrite  ^(.*)$  /system/maintenance.html last;

   location / {

     # needed to forward user's IP address to rails
     proxy_set_header  X-Real-IP  $remote_addr;

     # needed for HTTPS
     proxy_set_header X_FORWARDED_PROTO https;

     # needed for HTTPS
     proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
     proxy_set_header Host $http_host;
     proxy_redirect false;
     proxy_max_temp_file_size 0;


More information about the nginx mailing list