share cookies between servers
Francis Daly
francis at daoine.org
Sat Jan 12 18:13:06 UTC 2019
On Fri, Jan 11, 2019 at 07:59:47PM +0800, David Ni wrote:
Hi there,
> auth_ldap "Restricted Space";
> auth_ldap_servers bigdataldap;
>
> location / {
> proxy_pass http://datanode02:16010/;
> add_header Set-Cookie "myauth=true;Domain=.bddev.test.net;Path=/;Max-Age=31536000";
> }
> then in datanode03.bddev.test.net configuration:
> if ( $http_cookie ~* "myauth=true" ) {
> auth_ldap "Restricted Space";
> auth_ldap_servers bigdataldap;
> }
> location / {
> proxy_pass http://datanode03:16010/;
> add_header Set-Cookie "myauth=true;Domain=.bddev.test.net;Path=/;Max-Age=31536000";
> }
> }
> am I correct?
I suspect "no".
I don't know what your "normal" works-on-a-single-server auth_ldap system
looks like.
(http://nginx.org/r/auth_ldap suggests that it is not a default-provided
module.)
If your normal system involves you doing
add_header Set-Cookie "myauth=true;Path=/;Max-Age=31536000";
then you are correct to add the "Domain=" bit here.
But I would expect that the config in the two server{} blocks will be
very similar. So either the "if" part should be in both servers, or in
neither server. If your single-server config includes it, it should be
included in the multi-server config too.
f
--
Francis Daly francis at daoine.org
More information about the nginx
mailing list