Welcome! Log In Create A New Profile

Re: newbie question

Forum List Message List New Topic Print View

alexsamad

October 13, 2016 12:54AM

Registered: 7 years ago
Posts: 42

Hi

Thanks

I ended up with this but still with issues

map $cookie_SSOID $ssoid_cookie {
default "";
~SSOID=(?P<ssoid>.+) $ssoid;
}

location /imaadmin/ {
proxy_cache off;
proxy_pass http://IMAAdmin;

auth_request /sso/validate;
# must use %20 for url encoding
set $sso_group "Staff-sso";

proxy_pass
error_page 401 = @error401;
location @error401 {
# return 302 https://$server_name/sso/login;
rewrite ^ https://$server_name/sso/login;
}

location /sso/validate {
proxy_cache off;
rewrite (.*) $1?SSOID=$cookie_ssoid&a=$sso_group? break;
proxy_set_header X-Original-URI $request_uri;
proxy_pass

location /sso/ {
proxy_cache off;

rewrite (.*) $1 break;
proxy_set_header X-Original-URI $request_uri;
proxy_set_header X-Original-URI "imaadmin"; # have to hard code
proxy_pass

So
http://abc.com.au/imaadmin

does a http://abc.com.au/sso/validate?SSOID=<ssoid|>&a=<some text>
200 = okay
401 redirect to http://abc.com.au/sso/login

sso redirects to http://abc.com.au/sso/login/form/[X-Original-URI]
<<< its failing here I am hard coding this

Thanks

On 13 October 2016 at 01:02, Maxim Dounin <mdounin@mdounin.ru> wrote:
> Hello!
>
> On Wed, Oct 12, 2016 at 12:43:12PM +1100, Alex Samad wrote:
>
>> Hi
>>
>> I am trying to create a dynamic auth address
>>
>>
>> # grab ssoid
>> map $cookie_SSOID $ssoid_cookie {
>> default "";
>> ~SSOID=(?P<ssoid>.+) $ssoid;
>> }
>>
>>
>> location /imaadmin/ {
>> proxy_cache off;
>> proxy_pass http://IMAAdmin;
>>
>>
>>
>> auth_request /sso/validate?SSOID=$ssoid_cookie&a=imaadmin;
>>
>>
>> what I am trying to do is fill the variable ssoid_cookie with the
>> cookie value for SSOID in the request or make it blank
>>
>> then when somebody tries to access /imaadmin make the auth request
>> /sso/validate?SSOID=$ssoid_cookie&a=imaadmin;
>>
>> but i get this
>> GET /sso/validate%3FSSOID=$ssoid_cookie&a=imaadmin HTTP/1.0
>
> This is because the "auth_request" directive doesn't support
> variables, and also doesn't support request arguments.
>
> Try this instead:
>
> location /imaadmin/ {
> auth_request /sso/validate;
> ... proxy_pass ...
> }
>
> location = /sso/validate {
> set $args SSOID=$ssoid_cookie&a=imaadmin;
> ... proxy_pass ...
> }
>
> --
> Maxim Dounin
> http://nginx.org/
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
newbie question	alexsamad	October 11, 2016 09:44PM
Re: newbie question	Maxim Dounin	October 12, 2016 10:04AM
Re: newbie question	alexsamad	October 13, 2016 12:54AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 297

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018