Setting a header inside an if block

Ruslan Ermilov ru at
Thu Feb 6 09:06:16 UTC 2014

On Wed, Feb 05, 2014 at 05:12:55PM -0500, justink101 wrote:
> I don't have the auth_request module? All I need to do, is set the
> WWW-Authenticate header.

So you only want to ensure that the basic authentication
was attempted, but don't want to check the credentials on
the nginx side?  Here's how:

http {
    map $remote_user $realm {
	default off;

    server {
	auth_basic $realm;
	auth_basic_user_file /dev/null;

It means that HTTTP basic authentication by nginx will be
disabled ("off") if $remote_user is not empty, and enabled
(and return 401 with an appropriate header) otherwise.

More information about the nginx mailing list