Protecting URIs with OAuth2
Jonathan Matthews
contact at jpluscplusm.com
Tue Feb 11 12:32:31 UTC 2014
On 11 Feb 2014 06:33, "kate_r" <nginx-forum at nginx.us> wrote:
>
> Hi
>
> Does anyone know how to protect an URI with OAuth authentication? the
> upstream sever is already capable of issuing new tokens, but I'm hoping
that
> nginx can check the access token for certain URIs.
In my experience, you can easily use nginx to pass the request to an
auth-only app which then tells nginx from where to serve the
success/failure response. I haven't seen a uncomplicated way of getting
nginx itself to do the auth entirely.
I suppose you could write an oauth implementation in lua/perl/etc and embed
it in nginx, but I'd personally argue that would be a mistake in most
architectures.
J
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20140211/1482003b/attachment.html>
More information about the nginx
mailing list