nginx priority for rewrite and access restriction

[kay]

I would like to enable /123 location only for locahost, but it doesn't work,
nginx return 302 redirect with header. It seems rewrite directive has higher
priority than access module.

    location /123 {
                satisfy all;
                allow   127.0.0.1/32;
                deny    all;
                add_header Set-Cookie "cookie=123; Domain=localhost";
                rewrite ^ / redirect;
    }

How to restrict access for /123 location without "if"?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250391,250391#msg-250391