Nginx Auth Request By Source IP
John Baird
john.w.baird at gmail.com
Thu Oct 19 19:15:26 UTC 2017
That definitely helped! I didn't realize I could stack like that exactly.
Getting a 502 from localhost queries now, I can work on that. Thanks for
the quick reply!
On Thu, Oct 19, 2017 at 2:08 PM Grzegorz Kulewski <gk at leniwiec.biz> wrote:
> W dniu 19.10.2017 o 20:59, John Baird pisze:
> > I have been doing some reading an googling, and I am wondering if
> someone can help.
> >
> > I have an oauth2 service successfully authenticating nginx visitors.
> Because Nginx is fronting a web application on the backend, the web
> application does NOT have valid domain credentials to interact with the
> nginx layer.
> >
> > Goal:
> > I would like to be able to do something like the following:
> >
> > geo $localhost {
> > default 0;
> > 127.0.0.1/32 <http://127.0.0.1/32> 1;
> > }
> >
> > server {
> > location / {
> > if ($localhost = 0) {
> > auth_request = /oauth2/callback
> > ....
> > }
> > }
> > }
> >
> > Is this possible?
> > TL;DR -> bypass nginx oauth2 auth_request module when source ip is
> localhost
>
> If I understood correctly something like that should work:
>
> satisfy any;
> allow 127.0.0.1;
> deny all;
> auth_request ...;
>
> --
> Grzegorz Kulewski
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20171019/32e25773/attachment.html>
More information about the nginx
mailing list