Sending basic auth to "backend" servers

Maxim Dounin mdounin at
Thu May 26 13:25:21 UTC 2016


On Wed, May 25, 2016 at 04:02:46PM -0400, jrhodes wrote:

> Hey everyone
> I'm trying to achieve something a little unique (have read a LOT of
> documentation and posts) 
> I want to use ngnix as a LB to a handful of squid servers I have to
> distribute http requests on a round robin basis.
> Each squid web server in the "backend" accepts a unique username and
> password.
> Would anyone be able to point me in the right direction config wise on how
> to define a unique user/pass for each server in the load balanced pool?

Normal logic of load balancing in nginx assumes the same request can 
be sent to multiple backend servers, and therefore it won't work 
for you - as you need to construct unique request to each backend, 
with it's own Authorization header.

To do what you want you may try distributing requests "by hand", 
e.g., using the split_clients module:

    split_client $remote_addr $backend {

    map $backend $backend_auth { QWxhZGRpbjpvcGVuIHNlc2FtZQ==; QWxhZGRpbjpvcGVuIHNlc2FtZQ==;

    server {

        location / {
            proxy_pass http://$backend;
            proxy_set_header Authorization "Basic $backend_auth";

More information can be found in the documentation here:

Maxim Dounin

More information about the nginx mailing list