Basic Auth only for external IPs and not localhost or LAN networks
António P. P. Almeida
appa at perusio.net
Wed Feb 15 05:01:04 UTC 2012
On 15 Fev 2012 04h33 WET, quintinpar at gmail.com wrote:
> Hi all,
>
> I have a location directive with basic auth in it.
>
> location / {
>
> auth_basic "Admin Login";
>
> auth_basic_user_file /etc/nginx/.htpasswd;
> }
> How do I specify a rule such that the basic auth is applied only to
> external IPs and not to 127.0.0.x, 192.0.x & 10.0.x?
>
> I run Jenkins from a sub-domain and my git post-commit-hook needs to
> hit a URL under this location directive to trigger continuous
> integration. But this Jenkins cannot handle basic auth that blocks
> the URL submit.
>
At the http level:
geo $is_authorized {
default 0;
127.0.0.1 1;
192.0.0.0/16 1;
10.0.0.0/16 1;
}
On the vhost:
location / {
error_page 418 @no-auth;
if ($is_authorized) {
return 418;
}
auth_basic "Admin Login";
auth_basic_user_file .htpasswd;
# ... content handler directives here or default (static)
}
location @no-auth {
# ... content handler directives here or default (static)
}
--- appa
More information about the nginx
mailing list