Hi Bob!
Basically <authServiceURl> is backend JAVA servlet that takes token from header, validates it and passes back 401 or 200 status.
So, nothing unusual here.:)
I am using auth_request module as is, no additional perl scripts, etc. Just added module to nginx, thats it.
I use auth_request as 'interceptor' for every incoming request. The request suppose to have specific header, that is validated by authservice.
Cheers