nginx http auth module query

António P. P. Almeida appa at perusio.net
Fri Feb 17 04:28:41 UTC 2012


On 17 Fev 2012 04h08 WET, nginx-forum at nginx.us wrote:

> Thanks for the response.
>
> For this -
>
> location /index.php {
> error_page 401 403 /not_authorized.html;
> auth_request /auth.php;
> proxy_pass http://hiphop:4247;
> }
>
> Does it mean that auth.php should be available via the url -
> http://hiphop:4247/auth.php ?

You must create a location that overrides the "default" PHP
handling location.

> location = /auth.php {
> # FCGI stuff or whatever PHP CGI you're using.
>
> # auth.php should return 401 or 403 when auth process fails, return
> # 200 otherwise
> }

  location = /auth.php {
      proxy_pass_request_body off;    
      proxy_set_header Content-Length '';
      proxy_set_header X-Original-URI $request_uri;
      proxy_pass http://hiphop:4247;
  }

Note that the auth_request module only uses the headers. So your
auth.php authorization script must take that into account.

> Does it enter this section after it gets 2xx response from auth.php?

When the /auth.php location returns 200 then the request is
*authorized* and the request is proxy passed to the hiphop upstream in
the index.php location from the above example.

--- appa



More information about the nginx mailing list