Doing an "upstream" request without sending result back to client

Vincent Gross dermiste at kilob.yt
Mon Dec 2 10:22:50 UTC 2013


Hi folks,

I want to implemement a webid authn module in nginx. This is the big picture:

1. Client do an https request and sends a client cert
2. Certs contains a subjectAltName URI, e.g. https://mysite.info/id/
3. Server fetches https://mysite.info/id/ content
4. If content do contains public key info matching client cert, authn
   successful.

From what I see in src/http/ngx_http_upstream.c in functions
ngx_http_upstream_process_header(ngx_http_request_t *, ngx_http_upstream_t *)
& ngx_http_upstream_send_response(ngx_http_request_t *, ngx_http_upstream_t *),
it is not possible to do the request [3] without sending back at least a
response header back to the client.

Did I miss something or am I really setting myself for reimplementing the
mechanisms of ngx_http_upstream.c? Any advices/guidelines for the latter (other
then taking example on original upstream?)

Cheers,

--
Vincent
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20131202/ad22d336/attachment.bin>


More information about the nginx-devel mailing list