Troubles with http basic authentication.
Maxim Dounin
mdounin at mdounin.ru
Sat Sep 29 21:15:01 MSD 2007
Hello!
On Fri, 28 Sep 2007, Matteo Niccoli wrote:
> I'm trying to enable basic authentication for a location like this:
>
> location /admin {
> auth_basic "Restricted";
> auth_basic_user_file /tmp/.trypass;
> index index.php5;
> allow 192.168.1.1;
> deny all;
> }
>
> When I try to connect to this location, if I use:
>
> http://$servername/admin/ and I press Esc two times, nginx give me
> out: 401 Authorization Required
>
> If I try to connect to:
>
> http://$servername/admin/index.php5 and I press Esc two times,
> nginx allow me the access also if I don't have insert username and
> password.
>
> It's my mistake or it's a bug?
It's you mistake. You should understand, that request in nginx processed
according to configuration in most-specific location. So your location
"location /admin/" with authorization turned on won't influence request
processing at all if you have more specific location to handle you php
scripts.
Authorization works for the first type of request (without index.php5
explicitly specified) because it's actually processed twice - once to find
out the new request url (according to index directive in your /admin/
location) and again to handle /admin/index.php5 request.
You should use something like this:
location /admin/ {
auth_basic ...
}
location ~ ^/admin/.*\.php5$ {
auth_basic ...
fastcgi_pass ...
}
NB: regex locations are processed in order, so you should specify
"location ~ ^/admin/.*\.php5$" before your generic .php5 location.
Maxim Dounin
More information about the nginx
mailing list