Location regex + if + basic auth to restrict directory access

B.R. reallfqq-nginx at yahoo.fr
Thu Feb 28 22:36:59 UTC 2013


I am using basic auth + $remote_user variable send to the back-end
application to change context depending on the logged-in user.

The thing is, even if the page rendered by the back-end uses nginx user
authentication, resources from a directory are still allowed for everyone.

My 'documents' directory is sorted as follows:
    abc/ --> stores content for user 'abc'
    def/ --> stores content for user 'def'

I tried the following:
location ^~ /documents/(\w+) {
    if ($1 != $remote_user) {
        return 503;

But Nginx refuses to validate configuration:
nginx: [emerg] unknown "1" variable
nginx: configuration file /etc/nginx/nginx.conf test failed

Does the 'if' directive have an environment isolated for the on of the
'location' directive?
Am I using wrong syntax?
Is there a 'IfIsEvil' case corresponding to my needs to avoid the use of
the 'if' directive?

*B. R.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20130228/8271530f/attachment-0001.html>

More information about the nginx mailing list