LDAP authentication using ngx_http_auth_request_module

Koxx nginx-forum at forum.nginx.org
Mon Mar 11 19:09:45 UTC 2019


I am currently using the LDAP auth request module for a small SSO portal.

I am talking about this : https://github.com/nginxinc/nginx-ldap-auth/

I am annoyed by the fact that I need to store the login/pwd in a cookie in
order to maintain the auth valid.
I encrypted the login/pwd with a much better algorithm, but still, it is
subject to cookies hack.

What would be a better solution without breaking everything ?
by the way, I need the login/pwd in nginx for further usage to authenticate
user on the backend.


Posted at Nginx Forum: https://forum.nginx.org/read.php?2,283339,283339#msg-283339

More information about the nginx mailing list