Allow access to only a specific user from a htpasswd file

Dave Hayes dave at jetcafe.org
Mon Aug 8 04:01:24 UTC 2011


Leigh Dyer <lsd at wootangent.net> writes:
> I've tried testing the value of $remote_user -- this is what I have at 
> the moment:
> location /foo {
>          auth_basic "Foo";
>          auth_basic_user_file "foo-htpasswd";

>          if ($remote_user = "leigh") {
>                  proxy_pass http://127.0.0.1:19000;
>          }
> }
> This mostly works, but if you log in with an account other than "leigh" 
> that's in the password file, the browser returns a 404 and no longer 
> prompts for login details. 

Just a suggestion, and I'm by no means an expert, but I may have begun
to learn how if blocks really work. Try this:

 location /foo {
          auth_basic "Foo";
          auth_basic_user_file "foo-htpasswd";
          proxy_pass http://127.0.0.1:19000;
          if ($remote_user != "leigh") {
              return 403;
          }
  }

and see if that helps.
-- 
Dave Hayes - Consultant - Altadena CA, USA - dave at jetcafe.org 
>>> The opinions expressed above are entirely my own <<<

It's easier to fight for one's principles than to live up to them.




More information about the nginx mailing list