remote_user and remote_password for custom http authentication?

Jed Schmidt tr at nslator.jp
Sun Oct 14 20:53:01 MSD 2007


A little more information to shed some light on this problem. I have
an SSI-enabled html file at

http://72.44.41.145/beta/authcheck.html

which contains the following:

http_authorization: <!--# echo var="http_authorization"-->

When I execute the following in curl:

curl http://user:pass@72.44.41.145/beta/authcheck.html

I get

http_authorization: Basic dXNlcjpwYXNz

But when I use Firefox or Safari to get _the_same_URL_, I get

http_authorization:

I am totally at a loss. Would someone mind giving this URL a try and
tell me what I'm doing wrong?

Thanks again,

Jed


On 10/15/07, Jed Schmidt <tr at nslator.jp> wrote:
> Manilo,
>
> Thanks for that reference. Maybe I'm doing something wrong, but when I
> access a URL in the $user:$password at domain.com/ format, and then try
> to access the $http_authorization variable in an SSI or in a rewrite
> rule, it returns nothing. In other words, let's say I have the
> following rule:
>
> location = /auth {
>         rewrite         (.*)    http://google.com/search?q=$http_authorization;
> }
>
> and then access http://user:pass@domain.com/auth. If the username and
> password were accessible, wouldn't I be forwarded to
> http://google.com/search?q=user:pass? Right now I'm being forwarded to
> http://google.com/search?q= instead.
>
> Thanks again for your help,
>
> Jed
>
>
> On 10/14/07, Manlio Perillo <manlio_perillo at libero.it> wrote:
> > Jed Schmidt ha scritto:
> > > Igor,
> > >
> > > It would be awesome if you could add that, unless there is a way to
> > > access it already. Is there some header, for example, from which I can
> > > access it already?
> > >
> >
> > http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.8
> > http://www.ietf.org/rfc/rfc2617.txt
> >
> >
> >
> > Regards  Manlio Perillo
> >
> >
>





More information about the nginx mailing list