basic auth with rewrite issue

merlin corey merlincorey at dc949.org
Tue Jan 19 00:27:43 MSK 2010 

On Fri, Jan 15, 2010 at 6:28 PM, zlegein <nginx-forum at nginx.us> wrote:
> Hi all,
>
> We are using nginx-0.6.35 and we have a kludge of a set for one of our apps because it is only installed on one server in a pair. So we have an odd setup for it:
>
>
> server {
>  listen 80;
>  server_name dns.app1.com;
>  rewrite ^(.*)$ http://dns.app1.com:8888$1 permanent;
> }
>
>
> Both servers have this configuration and it works. But now i want to introduce basic auth for the app, but i can not seem to get this to work:
>
>
> server {
>  listen 80;
>  server_name app-on-server-1.company.com;
>  rewrite ^(.*)$ http://app-on-server-1.company.com:8888$1 permanent;
>  location / {
>      auth_basic "Restricted";
>      auth_basic_user_file passfile
>  }
> }
>
>
> I read in another post that auth and rewrite can't be setup like this. so now I am a bit stumped at how i would set this up. granted my knowledge in this area is thin.
>
> Ideally i would like to set something like this up where we don't deal with the permanent :8888 port on the url, but this doesn't seem to work. where both servers have this:
>
>
> server {
>  listen 80;
>  server_name dns.app1.com;
>  location / {
>      auth_basic "Restricted";
>      auth_basic_user_file passfile;
>      include /etc/nginx/common/proxy.conf;
>      proxy_pass http://10.4.5.6:8888;
>      break;
>  }
> }
>
>
>
> Any help
>
> Thanks
>
> Zach
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,41891,41891#msg-41891
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://nginx.org/mailman/listinfo/nginx
>

Zach,

"rewrite ... permanent;" sends a location header to the client causing
them to redirect.  Since you are redirecting all requests, the auth in
location / is never encountered. Instead, the auth should be located
in
app-on-server-1.company.com's configuration.  Also note that NginX is
not meant to be a very good forward proxy if you are not in control of
the other server's configuration.

By the way, a slightly better way to rewrite all requests is like
this: "rewrite ^ http://destination$request_uri;". No need to capture
what is already captured ;).

Thanks,
Merlin

More information about the nginx mailing list