nginx call external api
dadude
nginx-forum at nginx.us
Thu Jan 8 11:29:08 UTC 2015
Hi @all,
i need some help with the following situation: we use nginx as reverse proxy
for microsoft exchange owa / active sync
All working so far but since yesterday we have a new firewall (Palo Alto)
which supports "User-ID", meaning that the remote IP is connect to the
domain\username. That means that all non-microsoft devices (Apple, Linux)
can also use user-based policies in the firewall.
Now the problem is, that the username, which is accessing exchange, is bound
to the proxy ip and not to the client ip.
There exits an Palo Alto API which supports manual mapping via the API. Now
my idea was to use the parameters $remote_addr and $remote_user to get this
running but i have no idea how to call the api.
An example looks like this:
https://<Firewall-IPaddress>/api/?type=user-id&key=<Key
Value>&action=set&vsys=vsys1&cmd=<uid-message><version>1.0</version><type>update</type><payload><login><entry
name="pan\sam1" ip="192.168.141.82"/></login></payload></uid-message>
"pan\sam1" has to be replaced by $remote_user and ip by $remote_addr,
right?
But which is the right place in the config to start the api call? My config
looks similiar like this: forum.nginx.org/read.php?11,252590,252590
Thanks a lot in advance,
Uwe
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,256001,256001#msg-256001
More information about the nginx
mailing list