auth_request and nested locations
Maxim Dounin
mdounin at mdounin.ru
Tue Dec 11 08:28:08 UTC 2012
Hello!
On Mon, Dec 10, 2012 at 10:35:00PM -0500, djczaski wrote:
> Except for a few exceptions, I want to require authentication for an
> entire site. The safest place would be to put the auth_request
> directive at the http level but there's no way to allow the
> exceptions. If I put the auth_request in locations I'll need to
> repeat it multiple times and that seems less maintainable because the
> chance of it getting missed when new services are added or changed. Is
> there a decent way of structuring the config file for an auth portion
> of a site and an un auth'd side?
There are two basic aproaches:
1) Use "auth_request off" to switch off auth when needed:
auth_request /auth;
location / {
...
}
location /no_auth_here/ {
auth_request off;
}
2) Use nested locations for places which need auth, and
explicitly configure locations without auth when needed:
location / {
auth_request /auth;
location /some_nested_location_with_auth/ {
...
}
}
location /no_auth_here/ {
# no auth_request here
}
--
Maxim Dounin
http://nginx.com/support.html
More information about the nginx
mailing list