Sending basic auth to "backend" servers
Maxim Dounin
mdounin at mdounin.ru
Thu May 26 13:25:21 UTC 2016
Hello!
On Wed, May 25, 2016 at 04:02:46PM -0400, jrhodes wrote:
> Hey everyone
>
> I'm trying to achieve something a little unique (have read a LOT of
> documentation and posts)
>
> I want to use ngnix as a LB to a handful of squid servers I have to
> distribute http requests on a round robin basis.
>
> Each squid web server in the "backend" accepts a unique username and
> password.
>
> Would anyone be able to point me in the right direction config wise on how
> to define a unique user/pass for each server in the load balanced pool?
Normal logic of load balancing in nginx assumes the same request can
be sent to multiple backend servers, and therefore it won't work
for you - as you need to construct unique request to each backend,
with it's own Authorization header.
To do what you want you may try distributing requests "by hand",
e.g., using the split_clients module:
split_client $remote_addr $backend {
50% backend1.example.com;
* backend2.example.com;
}
map $backend $backend_auth {
backend1.example.com QWxhZGRpbjpvcGVuIHNlc2FtZQ==;
backend2.example.com QWxhZGRpbjpvcGVuIHNlc2FtZQ==;
}
server {
...
location / {
proxy_pass http://$backend;
proxy_set_header Authorization "Basic $backend_auth";
}
}
More information can be found in the documentation here:
http://nginx.org/en/docs/http/ngx_http_split_clients_module.html
http://nginx.org/en/docs/http/ngx_http_map_module.html
http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass
--
Maxim Dounin
http://nginx.org/
More information about the nginx
mailing list