Inconsistent behavior with Nginx's auth_request_set and more_set_input_headers

admin at admin at
Sat Jun 28 17:35:27 UTC 2014


I'm trying to use the auth_request module in conjunction with the 
more_set_input_headers to automatically login my users into web apps.

Basically, it works like this:

1. Users have some session cookie that authenticates them.
2. I have a PHP script (auth.php) that validates the cookie and returns 
their proper username as a response header.
3. Nginx calls auth.php with auth_request, and sets the username in a 
4. Nginx then calls the web app with a request header set to the correct 
5. The web app reads the header, and logs the user in.

This works, but strangely inconsistent. The issue is that when a user 
accesses the web app on /app/, it works (the request header is sent), 
but when the app is accesssed on /app/index.php, it never receives the 
header from nginx.

I've created a mock configuration that reproduces the error. It doesn't 
matter if I use a browser or cURL; both give the same behavior.

I thought it'd be a bit hard to view configuration files on a mailing 
list, so I've created a topic on ServerFault. Reply whichever way you 
like best. Topic is here:

Thanks a lot! This issue has kept me up for a few days now already.

More information about the nginx mailing list