Welcome! Log In Create A New Profile

Advanced

Re: How to return a cookie to a client when auth_request is used?

Previous Message Next Message
Forum List Message List New Topic Print View
Maxim Dounin
January 15, 2015 08:18AM
Hello!

On Thu, Jan 15, 2015 at 03:11:23AM -0500, nginxuser100 wrote:

> Hi,
>
> Question 1:
>
> I would like to have an FastCGI authentication app assign a cookie to a
> client, and the Fast Auth app is called using auth_request. The steps are as
> follows:
>
> 1. Client sends a request
> 2. NGINX auth_request forwards the request to a FastCGI app to
> authenticate.
> 3. The authentication FastCGI app creates a cookie, using "Set-Cookie:
> name=value". I would like this value to be returned to the client.
> 4. Assuming the authentication was successful, NGINX then forwards the
> request to an upstream FastCGI app which sends a response to the client. The
> HTTP header should contain Set-Cookie: name=value
>
> How do I get NGINX to include the cookie in the header that gets forwarded
> to the upstream module so the final response to the client contains the
> cookie? I tried using auth_request_set but got

You have to save the header value returned by the subrequest to a
variable with auth_request_set, and then add the header to a
response generated using the "add_header" directive. Something
like this should work:

location / {
auth_request /auth;
auth_request_set $saved_set_cookie $upstream_http_set_cookie;
add_header Set-Cookie $saved_set_cookie;
...
}

[...]

> Question 2. I also tried
> auth_request_set $http_cookie "test";
> to see how auth_request_set works. NGINX gave me this error at start
> time
>
> nginx: [emerg] the duplicate "http_cookie" variable in
> /usr/local/nginx-1.7.9/conf/nginxWat.conf:25
>
> Why did get such error?

The $http_* variables are headers of a request, and you can't
redefine them. Hence the error.

> Question 3. Can someone give me a pointer to a list of NGINX FastCGI
> supported env variables such as $http_cookie / HTTP_COOKIE?

All HTTP request headers are passed to FastCGI application as
HTTP_* params, and will be available to an application as
coresponding environment variables. Additional params are passed
as configured in your fastcgi_params file.

--
Maxim Dounin
http://nginx.org/

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Reply Quote
RSS
Subject Author Posted

How to return a cookie to a client when auth_request is used?

nginxuser100 January 15, 2015 03:11AM

Re: How to return a cookie to a client when auth_request is used?

Maxim Dounin January 15, 2015 08:18AM

Re: How to return a cookie to a client when auth_request is used?

nginxuser100 January 18, 2015 08:50PM

Re: How to return a cookie to a client when auth_request is used?

nginxuser100 January 21, 2015 02:47PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 217
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready