nginx auth_basic with proxy pass to tomcat

Francis Daly francis at
Thu Nov 8 13:40:24 UTC 2012

On Thu, Nov 08, 2012 at 11:04:39AM +1100, Tharanga Abeyseela wrote:

Hi there,

> thanks for the reply. actually it inside the server block :-) ,

Good to hear.

> i managed to resolve the issue using a rewrite rule as follows
>    location /demo/ {
>         auth_basic "Restricted";
>         auth_basic_user_file /var/www/demo/.htpass;
>         error_page 404 = @redirect;
> #       rewrite ^/demo/(.*)$ http://x.x.x.x/$1 permanent;
>       }
>       location @redirect {
>         rewrite ^/demo/(.*)$ http://x.x.x.x/$1 permanent;
>       }

That seems very complicated.

I'm a bit unclear on what issue this configuration resolves. It looks
to me like it will (a) insist that anyone accessing things below /demo/
are challenged for credentials; and (b) allow anyone access to anything
other than /demo/ without providing credentials.

Can you describe what it is that you want, and what it is that you do
not want? I'm not sure whether the x.x.x.x above is "this server" or
"some other server"; and I'm not sure what happened to "/next" from the
original configuration.

> is it possible to enable nginx authentication before proxy_pass to tomcat ?

Yes. Put the "auth_basic" in the same location as the "proxy_pass".

If that doesn't do what you want, then I'm afraid that I don't understand
what it is that you want.

Francis Daly        francis at

More information about the nginx mailing list