nginx config: multiple locations, authentication in one, triggered for both?
roger.moffatt
nginx-forum at nginx.us
Mon Nov 7 08:48:53 UTC 2011
I originally posted this question on SO, but it might of course be more
logical to ask here;
http://stackoverflow.com/questions/8031471/nginx-location-directive-authentication-happening-in-wrong-location-block
I'm flummoxed.
I have a server that is primarily running couchdb over ssl (using nginx
to proxy the ssl connection) but also has to serve some apache stuff.
Basically I want everything that DOESN'T start /www to be sent to the
couchdb backend. If a url DOES start /www then it should be mapped to
the local apache server on port 8080.
My config below works with the exception that I'm getting prompted for
authentication on the /www paths as well. I'm a bit more used to
configuring Apache than nginx, so I suspect I'm mis-understanding
something, but if anyone can see what is wrong from my configuration
(below) I'd be most grateful.
To clarify my use scenario;
https://my-domain.com/www/script.cgi should be proxied to
http://localhost:8080/script.cgi
https://my-domain.com/anythingelse should be proxied to
http://localhost:5984/anythingelse
ONLY the second should require authentication. It is the authentication
issue that is causing problems - as I mentioned, I am being challenged
on https://my-domain.com/www/anything as well :-(
Here's the config, thanks for any insight.
server {
listen 443;
ssl on;
# Any url starting /www needs to be mapped to the root
# of the back end application server on 8080
location ^~ /www/ {
proxy_pass http://localhost:8080/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
# Everything else has to be sent to the couchdb server running
on
# port 5984 and for security, this is protected with auth_basic
# authentication.
location / {
auth_basic "Restricted";
auth_basic_user_file /path-to-passwords;
proxy_pass http://localhost:5984;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Ssl on;
}
}
Thanks for some pointers - I'm not sure how I can resolve this
correctly.
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,217906,217906#msg-217906
More information about the nginx
mailing list