Making http_auth_request_module a first-class citizen? [patch]

Piotr Sikora piotr.sikora at
Thu Feb 16 12:38:04 UTC 2012

please keep the discussion in single thread.

> Any comments will be appreciated.

You're delusional, don't try to fix things that you don't understand.

Your whole reasoning is based on a fact that you think that authorization 
subrequest fetches the protected file/page which client wants to access, but 
that's not the case. Authorization subrequest should access special 
authorization endpoint (or database or anything else you can think of) and 
either grant access and let the main request access the protected file/page 
or not.

Best regards,
Piotr Sikora < piotr.sikora at >

More information about the nginx mailing list