Separated reverse proxy for different users

ivy nginx-forum at
Fri Aug 25 10:33:11 UTC 2017

Hi, I'm relatively new to HTTP servers and absolutely new to nginx.
I have HTTP server which should ask user credentials and redirect every user
to its own reverse proxy.

The initial setting is:
    server {
        listen      80 default_server;
        listen [::]:80  default_server ipv6only=on;
        set $auth_status 100;
        server_name  localhost;
        root         /usr/share/nginx/html;
        include /etc/nginx/default.d/*.conf;

        location / {
            try_files $uri $uri/ =404;
            auth_basic "restricted content";
            auth_basic_user_file "/home/secure/.passwords";
            auth_request_set $auth_status $upstream_status;

            if ($remote_user = "ivy") {
                proxy_pass http://localhost:10080;
            if ($remote_user = "john") {
                proxy_pass http://localhost:10081;

It works OK. However, I think it's pretty ugly to have separated "if" per
user. Therefore, I want to add a map:
    map $remote_user $rp_port {
       include /home/secure/;

The map contains:
ivy 10080;
john 10081;

>From documentation I understood this should come before server definition.
Then I tried to replace all "ifs" in server body with:
          proxy_pass http://localhost:$rp_port

This configuration gives following errors:
2017/08/25 06:29:38 [error] 26582#26582: *631 invalid port in upstream
"localhost:", client: ..., server: localhost, request: "GET / HTTP/1.1",
host: "..."
2017/08/25 06:29:48 [error] 26582#26582: *632 no resolver defined to resolve
localhost, client: ..., server: localhost, request: "GET / HTTP/1.1", host:

It's clear that I miss something in the documentation.
Please, help to build a map for reverse proxy by user authentication

Thank you.

Posted at Nginx Forum:,276150,276150#msg-276150

More information about the nginx mailing list