Issue with NGINX as reverse proxy with basic auth in front of Apache with basic auth

Maxim Dounin mdounin at
Thu Sep 1 14:50:49 UTC 2011


On Thu, Sep 01, 2011 at 10:19:57AM -0400, ssaravalli wrote:


> So, is there a way to tell NGINX to manage only the first authentication
> level and when the user provides username/password (LDAP) for the
> backend web app, these credentials must be managed by the backend web
> server?

There is no levels of authentication possible in HTTP 

More strictly, there are two levels: proxy and client.  The 
proxy level is reserved to working with proxies, and it's not 
generally possible to use it anywhere else (additionally, I 
believe it's not supported by majority of software).

Please refer to RFC 2616 and RFC 2617 for more details.

> Another solution may be to keep on the backend the LDAP auth and on the
> frontend (NGINX) a form based authentication?

This should work.

Maxim Dounin

More information about the nginx mailing list