<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">This behavior is cause by general
request processing logic. You may look at <tt>ngx_http_core_module.h</tt>
which defines request processing phases.<br>
You may notice that a rewrite phase ('return' acts as a rewrite,
actually) is run before access phase. So you have your request
returned before access rules are checked.<br>
At the same time, try_files phase as after the access phase. So
you may try using:<br>
<tt><br>
</tt>
<p><tt>location /auth {</tt></p>
<p><tt> auth_basic_user_file /etc/nginx/.htpasswd;</tt></p>
<p><tt> auth_basic "Secret";</tt></p>
<p><tt> # try_files will be used only for a valid authenticated
user<br>
</tt></p>
<p><tt> try_files @redir =403; #403 will never be returned from
here.<br>
</tt></p>
<p><tt>}</tt></p>
<p><tt>location @redir {</tt></p>
<p><tt> return 200 'hello';</tt></p>
<p><tt>}</tt></p>
<br>
This looks a little bit hacky, but is pretty reasonable e.g. if
you want to return 404.<br>
<br>
Just curious, why won't you auth protect your final destination?<br>
<br>
On 06.11.2016 18:09, Scott McGillivray wrote:<br>
</div>
<blockquote
cite="mid:AM2PR02MB05961524E34DBABED582AAFECDA40@AM2PR02MB0596.eurprd02.prod.outlook.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
<div id="divtagdefaultwrapper"
style="font-size:12pt;color:#000000;font-family:Calibri,Arial,Helvetica,sans-serif;">
<p style="margin-right: 0px; margin-bottom: 1em; margin-left:
0px; padding: 0px; border: 0px; font-size: 15px; clear: both;
color: rgb(36, 39, 41); font-family: Arial, "Helvetica
Neue", Helvetica, sans-serif;">
i thought this would work but for some reason it doesn't. </p>
<p style="margin-right: 0px; margin-bottom: 1em; margin-left:
0px; padding: 0px; border: 0px; font-size: 15px; clear: both;
color: rgb(36, 39, 41); font-family: Arial, "Helvetica
Neue", Helvetica, sans-serif;">
</p>
<pre style="margin-top: 0px; margin-bottom: 1em; padding: 5px; border: 0px; font-size: 13px; width: auto; max-height: 600px; overflow: auto; font-family: Consolas, Menlo, Monaco, "Lucida Console", "Liberation Mono", "DejaVu Sans Mono", "Bitstream Vera Sans Mono", "Courier New", monospace, sans-serif; background-color: rgb(239, 240, 241); word-wrap: normal; color: rgb(36, 39, 41);"><code style="margin: 0px; padding: 0px; border: 0px; font-family: Consolas, Menlo, Monaco, "Lucida Console", "Liberation Mono", "DejaVu Sans Mono", "Bitstream Vera Sans Mono", "Courier New", monospace, sans-serif; white-space: inherit;"> location /auth {
auth_basic_user_file /etc/nginx/.htpasswd;
auth_basic "Secret";
return 200 'hello';
}
</code></pre>
<p style="margin-right: 0px; margin-bottom: 1em; margin-left:
0px; padding: 0px; border: 0px; font-size: 15px; clear: both;
color: rgb(36, 39, 41); font-family: Arial, "Helvetica
Neue", Helvetica, sans-serif;">
</p>
<p style="margin-right: 0px; margin-bottom: 1em; margin-left:
0px; padding: 0px; border: 0px; font-size: 15px; clear: both;
color: rgb(36, 39, 41); font-family: Arial, "Helvetica
Neue", Helvetica, sans-serif;">
<br>
</p>
<p style="margin-right: 0px; margin-bottom: 1em; margin-left:
0px; padding: 0px; border: 0px; font-size: 15px; clear: both;
color: rgb(36, 39, 41); font-family: Arial, "Helvetica
Neue", Helvetica, sans-serif;">
When i specify the return, 200 or 301, it just skips the
auth_basic and processes the return statement.</p>
<p style="margin-right: 0px; margin-bottom: 1em; margin-left:
0px; padding: 0px; border: 0px; font-size: 15px; clear: both;
color: rgb(36, 39, 41); font-family: Arial, "Helvetica
Neue", Helvetica, sans-serif;">
If i comment out the return statement it works OK. Ideally i
want just an <code style="margin: 0px; padding: 1px 5px; border: 0px; font-size: 13px; font-family: Consolas, Menlo, Monaco, "Lucida Console", "Liberation Mono", "DejaVu Sans Mono", "Bitstream Vera Sans Mono", "Courier New", monospace, sans-serif; background-color: rgb(239, 240, 241); white-space: pre-wrap;">/auth</code> endpoint
that once authenticated it will 301 redirect to $host,
e.g. return 301 <a moz-do-not-send="true" href="http://$host"
class="OWAAutoLink">
http://$host</a> </p>
<p style="margin-right: 0px; margin-bottom: 1em; margin-left:
0px; padding: 0px; border: 0px; font-size: 15px; clear: both;
color: rgb(36, 39, 41); font-family: Arial, "Helvetica
Neue", Helvetica, sans-serif;">
Can someone explain why this behaves this way and what is the
correct configuration.</p>
<p style="margin-right: 0px; margin-bottom: 1em; margin-left:
0px; padding: 0px; border: 0px; font-size: 15px; clear: both;
color: rgb(36, 39, 41); font-family: Arial, "Helvetica
Neue", Helvetica, sans-serif;">
many thanks</p>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
nginx mailing list
<a class="moz-txt-link-abbreviated" href="mailto:nginx@nginx.org">nginx@nginx.org</a>
<a class="moz-txt-link-freetext" href="http://mailman.nginx.org/mailman/listinfo/nginx">http://mailman.nginx.org/mailman/listinfo/nginx</a></pre>
</blockquote>
<p><br>
</p>
</body>
</html>