user authentication with nginx
farseas at gmail.com
Sun Aug 19 22:37:39 UTC 2012
I am not clear on how this would work in the nginx.conf file.
Also, aren't there security risks using the headers? Can't someone spoof
the headers and gain access that way?
Like I said, this is all rather unclear to me.
On Sun, Aug 19, 2012 at 6:24 PM, Jonathan Matthews
<contact at jpluscplusm.com>wrote:
> On 19 August 2012 22:32, Bob Stanton <farseas at gmail.com> wrote:
> > I want to find a secure but simple method for authenticating users in an
> > Nginx environment.
> > I have succeeded in figuring out the auth_basic mod but that does not
> > my needs.
> > I specifically want to supply my own form, get the username and PW,
> check it
> > against my DB with a CGI program, and then pass values back to Nginx.
> Use proxy_pass (http://nginx.org/r/proxy_pass) or fastcgi_pass
> (http://nginx.org/r/fastcgi_pass) to communicate the Auth headers to
> your daemon, which should then respond with whatever page you want
> your users to see in the event of auth success or failure.
> There are many configuration examples for these on the interwebs.
> Jonathan Matthews
> Oxford, London, UK
> nginx mailing list
> nginx at nginx.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the nginx