Local and Remote User Authentication

Hari Miriyala hari at cpacket.com
Thu Apr 24 16:40:38 UTC 2014


Hi All,

We have nginx1.4.7 with ngx_http_auth_request_module and
ngx_http_auth_basic_module besides few other modules. There are few other
modules also, but have mentioned above two modules only due to relevance to
this discussion.

Our application requires to have local user (meaning - store user name and
passwd and authenticate at our server) and remote user (meaning - delegate
authentication to remote servers like Radius/TACACS+, in this case, our
application is aware of only user name and which remote server to send
authentication request).

The goal is to configure nginx as following:

1. Configure nginx to prompt username/passwd
2. Once user enters username and passwd, get access to these fields and
pass to our web application which looks at local database and decides
whether user is local or remote.
3. If user is local, authenticate using ngx_http_auth_basic_module
(htpasswd style)
4. If user is remote, delegate authentication to remote server using
ngx_http_auth_request_module
5. Once authentication is successful (either in step 3 or step 4), pass
control back to our application for some book-keeping
6. Let authenticated user access application

Any suggestions how do we configure nginx to achieve above? please share
your thoughts/ideas/sample configs etc.

Regards,
Hari
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20140424/07f3e868/attachment.html>


More information about the nginx mailing list