HTTP Basic Auth question
francis at daoine.org
Wed May 1 21:45:55 UTC 2013
On Wed, May 01, 2013 at 01:17:41PM -0400, B.R. wrote:
> To pass the nginx user to a fastcgi backend (PHP), I have to explicitly
> specify it using the following directive:
> fastcgi_param MY_USER $remote_user;
> I suppose you can do the same with proxy_pass?
That's how I'd do it -- probably proxy_set_header if the python
application is accessed using proxy_pass.
> I dunno how to remove an automatically forwarded parameter though... Maybe
> overwriting it with an empty string?
The password is in the http header Authorization, so using
proxy_hide_header to avoid sending that should be enough.
> On Wed, May 1, 2013 at 10:26 AM, Russ Lavoy <ussray_00 at yahoo.com> wrote:
> > I am running nginx as a reverse proxy to a python application. I am
> > wondering how I would be able to pass ONLY the user account and not the
> > password. Can this be done?
As above: how are the user and pass currently sent? It will be by
"fastcgi_pass" or "proxy_pass" or something similar. Use the matching
"_hide_header" directive on the correct header to avoid sending it.
How do you want the user to be sent? Use the variable $remote_user and
the matching "_set_header" or "_param" directive to send the provided
Francis Daly francis at daoine.org
More information about the nginx