HTTP Basic Auth question

Francis Daly francis at daoine.org
Wed May 1 21:45:55 UTC 2013


On Wed, May 01, 2013 at 01:17:41PM -0400, B.R. wrote:

Hi there,

> To pass the nginx user to a fastcgi backend (PHP), I have to explicitly
> specify it using the following directive:
> fastcgi_param   MY_USER      $remote_user;
> 
> I suppose you can do the same with proxy_pass?

That's how I'd do it -- probably proxy_set_header if the python
application is accessed using proxy_pass.

> I dunno how to remove an automatically forwarded parameter though... Maybe
> overwriting it with an empty string?

The password is in the http header Authorization, so using
proxy_hide_header to avoid sending that should be enough.

> On Wed, May 1, 2013 at 10:26 AM, Russ Lavoy <ussray_00 at yahoo.com> wrote:

> > I am running nginx as a reverse proxy to a python application.  I am
> > wondering how I would be able to pass ONLY the user account and not the
> > password.  Can this be done?

As above: how are the user and pass currently sent? It will be by
"fastcgi_pass" or "proxy_pass" or something similar. Use the matching
"_hide_header" directive on the correct header to avoid sending it.

How do you want the user to be sent? Use the variable $remote_user and
the matching "_set_header" or "_param" directive to send the provided
username.

	f
-- 
Francis Daly        francis at daoine.org



More information about the nginx mailing list