Skip to content

PiotrSikora/ngx_http_auth_request_module

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Auth request module for nginx.

This module allows authorization based on subrequest result.  Once subrequest
returns 2xx status - access is allowed, on 401 or 403 - disabled with
appropriate status.  Anything else is considered to be an error.

For 401 status WWW-Authenticate header from subrequest response will be
passed to client.

Module works at access phase and therefore may be combined nicely with other
access modules (access, auth_basic) via satisfy directive.

Configuration directives:

    auth_request <uri>|off

        Context: http, server, location
        Default: off

        Switches auth request module on and sets uri which will be asked for
        authorization.

    auth_request_set <variable> <value>

        Context: http, server, location
        Default: none

        Set request variable to the given value after auth request completion.
        Value may contain variables from auth request, e.g. $upstream_http_*.

Usage:

    location /private/ {
        auth_request /auth;
        ...
    }

    location = /auth {
        proxy_pass ...
        proxy_pass_request_body off;
        proxy_set_header Content-Length "";
        proxy_set_header X-Original-URI $request_uri;
    }

Note: it is not currently possible to use proxy_cache/proxy_store (and 
fastcgi_cache/fastcgi_store) for requests initiated by auth request
module.

To compile nginx with auth request module, use "--add-module <path>" option
to nginx configure.

Development of this module was sponsored by Openstat (http://www.openstat.com/).

About

Temporary GitHub mirror of Maxim Dounin's ngx_http_auth_request_module

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published