nginx auth_basic with proxy pass to tomcat

Tharanga Abeyseela tharanga.abeyseela at
Thu Nov 8 23:06:57 UTC 2012


when the user enter http:///x.x.x.x/ - it will give forbidden message.
(i removed index.html to demo directory)

im giving the url to users as follows

http://x.x.x.x/demo/   - so this will ask for user/pass -   thats what
i wanted to do
after entering to above url - user will be landed to my index.html  -
it has all tomcat paths to connect (just hyper links)

x.x.x.x is the same  server - not a different server

i'm not redirecting to different server. everything is done on the same server.

i agree. the rewrite is complicated for a small authentication
handling. but other methods didn't work for me :)

thanks for your help and suggestions :)


now issue is when the user enter http://x.x.x.x/next  it bypass the
nginx auth and going to tomcat path with out any authentication. may
be i need to configure that on web.xml. i prefer to configure nginx
auth for all tomcat and nginx paths. actually tomcat is the  front-end
server hadnles/redirects client request to appropriate server.

On Fri, Nov 9, 2012 at 12:40 AM, Francis Daly <francis at> wrote:
> On Thu, Nov 08, 2012 at 11:04:39AM +1100, Tharanga Abeyseela wrote:
> Hi there,
>> thanks for the reply. actually it inside the server block :-) ,
> Good to hear.
>> i managed to resolve the issue using a rewrite rule as follows
>>    location /demo/ {
>>         auth_basic "Restricted";
>>         auth_basic_user_file /var/www/demo/.htpass;
>>         error_page 404 = @redirect;
>> #       rewrite ^/demo/(.*)$ http://x.x.x.x/$1 permanent;
>>       }
>>       location @redirect {
>>         rewrite ^/demo/(.*)$ http://x.x.x.x/$1 permanent;
>>       }
> That seems very complicated.
> I'm a bit unclear on what issue this configuration resolves. It looks
> to me like it will (a) insist that anyone accessing things below /demo/
> are challenged for credentials; and (b) allow anyone access to anything
> other than /demo/ without providing credentials.
> Can you describe what it is that you want, and what it is that you do
> not want? I'm not sure whether the x.x.x.x above is "this server" or
> "some other server"; and I'm not sure what happened to "/next" from the
> original configuration.
>> is it possible to enable nginx authentication before proxy_pass to tomcat ?
> Yes. Put the "auth_basic" in the same location as the "proxy_pass".
> If that doesn't do what you want, then I'm afraid that I don't understand
> what it is that you want.
>         f
> --
> Francis Daly        francis at
> _______________________________________________
> nginx mailing list
> nginx at

More information about the nginx mailing list