[SHOW'N'TELL] Primitive RBAC/AAA implementation in nginx config

Jonathan Matthews contact at jpluscplusm.com
Wed Feb 26 20:23:14 UTC 2014

On 26 Feb 2014 12:05, "Jonathan Matthews" <contact at jpluscplusm.com> wrote:
> Hi all -
> I spent some time poking at an interesting problem that came up last
> night, and ended up with this primitive RBAC system, implemented in
> declarative nginx config.

Thanks to the couple of people who reminded me this may not be a
frequently-used term on this list :-)

Role Based Access Control systems are a technique for limiting access to
resources based on people belonging to groups (roles) and not being granted
access individually: https://en.wikipedia.org/wiki/Role-based_access_control

In this case, the resources are URIs, potentially proxy_pass'd, and the
users are HTTP basic auth users. My implementation is nothing special, but
I'd not seen a reasonably scalable one implemented purely in declarative
nginx configuration syntax before :-)

Anyway, tell me why it sucks ... https://gist.github.com/jpluscplusm/9227777
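
For readers who cannot open the gist, here is one way such a scheme can be expressed with `map` blocks. This is an added sketch, not the contents of the gist above; the user names, roles, paths, port and upstream are constructed for illustration, and the htpasswd path is an assumption.

```nginx
# Added illustration; these blocks belong inside the http {} context.

# Step 1: basic auth user -> role. Users never appear in the policy itself.
map $remote_user $rbac_role {
    default  "";               # authenticated but unlisted: no role
    ""       unauthenticated;  # no credentials sent yet
    alice    admin;            # constructed sample users
    bob      editor;
    carol    viewer;
}

# Step 2: "role:method:uri" -> allow (1) or deny (0). Default is deny.
# $uri is the normalised path, so "/content/../admin/" is matched as "/admin/".
map "$rbac_role:$request_method:$uri" $rbac_allow {
    default                                   0;
    # `if` runs in the rewrite phase, before auth_basic checks the password.
    # Let credential-less requests through so auth_basic can answer with
    # 401 and a challenge; this relies on auth_basic being enabled below.
    ~^unauthenticated:                        1;
    ~^admin:                                  1;
    ~^editor:(GET|HEAD|POST|PUT):/content/    1;
    ~^viewer:(GET|HEAD):/content/             1;
}

upstream app_backend {
    server 127.0.0.1:8080;     # constructed backend address
}

server {
    listen 8081;

    auth_basic           "restricted";
    auth_basic_user_file /etc/nginx/htpasswd;   # assumed path

    location / {
        # A role that is not granted this method and URI gets 403.
        # A wrong password still ends in 401 from auth_basic afterwards.
        if ($rbac_allow = 0) {
            return 403;
        }
        proxy_pass http://app_backend;
    }
}
```

Adding a user is one line in the first map, and changing what a role may do is one line in the second, which is what keeps the approach manageable as the user list grows.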

