Nginx authentication based on parameterized url
Francis Daly
francis at daoine.org
Thu Dec 29 11:44:38 UTC 2016
On Wed, Dec 21, 2016 at 05:19:55AM -0500, tmuesele wrote:
Hi there,
> I need an authentication based on a parameterized class call in a url. For
> example the url:
>
> https://sample.com/index.php?cl=accesstestprivate
>
> should be access-able by IP address 192.168.1.1, if the request doesnt come
> from this IP, a basic auth should be invoked.
>
> All other / pages e.g. index.php, index.php?start=1 should be access-able by
> public.
Your sample config makes it look like:
* 192.168.1.1 can access anything
* any other address can access anything unless it has cl=accesstestprivate
in the query string
* if the request has cl=accesstestprivate in the query string, then most
clients are challenged for basic authentication
> I was trying to use the map function. But in this case, the site is not
> available from public.
It seems to work for me, when I make sure to only use the " double-quote
character in nginx.conf.
> map $arg_cl $auth_type {
> default „off";
> "accesstestprivate“ "closed";
> }
>
> location / {
> satisfy any;
> allow 192.168.1.1;
> auth_basic $auth_type;
> auth_basic_user_file conf/htpasswd;
> proxy_pass http://devserver;
> }
> Any ideas?
What failure do you see?
As in: what request do you make, what response do you get, what response
do you want instead?
Is there anything in the error log?
(I did see "open() "/usr/local/nginx/conf/conf/htpasswd" failed (2:
No such file or directory)" in my error log, until I changed the
auth_basic_user_file directive. But perhaps you have the matching
directory structure already.)
f
--
Francis Daly francis at daoine.org
More information about the nginx
mailing list