We currently have a setup where we have multiple app servers sitting behind NGINX. We want to provide HMAC based authentication comparing an hash of the content or headers of the request against an authenticator using a known key (which varies depending on which URL you are trying to access).
Currently, we receive requests on port 80, send them to a python fcgi progam which does the logic, and then if successful we request (using python) to port 81 (not world accessible) which actually sends to the requests to the app servers. It has been mostly successful, and fast enough, but we're having some issues with fcgi threads timing out, and having to recreate them every so often. Having an integrates solution would be ideal. Even more ideal if it could be written in C just enough to get the request out to a script of some sort written in python, perl or ruby so our engineers could more easily modify it.
Anyone interested in discussing further?
Best,
Jacob