Making http_auth_request_module a first-class citizen? [patch]
Piotr Sikora
piotr.sikora at frickle.com
Thu Feb 16 12:38:04 UTC 2012
Max,
please keep the discussion in single thread.
> Any comments will be appreciated.
You're delusional, don't try to fix things that you don't understand.
Your whole reasoning is based on a fact that you think that authorization
subrequest fetches the protected file/page which client wants to access, but
that's not the case. Authorization subrequest should access special
authorization endpoint (or database or anything else you can think of) and
either grant access and let the main request access the protected file/page
or not.
Best regards,
Piotr Sikora < piotr.sikora at frickle.com >
More information about the nginx
mailing list