Igor A. Ippolitov
November 07, 2016 06:16AM
Changed own example in the last moment and made a mistake:
try files should address non existent file and then do an internal
redirect. E.g.

try_files nosuchfile.txt @ret;

Only the last argument may be a redirect.

On 07.11.2016 11:37, Igor A. Ippolitov wrote:
> This behavior is cause by general request processing logic. You may
> look at ngx_http_core_module.h which defines request processing phases.
> You may notice that a rewrite phase ('return' acts as a rewrite,
> actually) is run before access phase. So you have your request
> returned before access rules are checked.
> At the same time, try_files phase as after the access phase. So you
> may try using:
>
> location /auth {
>
> auth_basic_user_file /etc/nginx/.htpasswd;
>
> auth_basic "Secret";
>
> # try_files will be used only for a valid authenticated user
>
> try_files @redir =403; #403 will never be returned from here.
>
> }
>
> location @redir {
>
> return 200 'hello';
>
> }
>
>
> This looks a little bit hacky, but is pretty reasonable e.g. if you
> want to return 404.
>
> Just curious, why won't you auth protect your final destination?
>
> On 06.11.2016 18:09, Scott McGillivray wrote:
>>
>> i thought this would work but for some reason it doesn't.
>>
>> |location /auth { auth_basic_user_file /etc/nginx/.htpasswd;
>> auth_basic "Secret"; return 200 'hello'; } |
>>
>>
>> When i specify the return, 200 or 301, it just skips the auth_basic
>> and processes the return statement.
>>
>> If i comment out the return statement it works OK. Ideally i want
>> just an |/auth| endpoint that once authenticated it will 301 redirect
>> to $host, e.g. return 301 http://$host http://$host
>>
>> Can someone explain why this behaves this way and what is the correct
>> configuration.
>>
>> many thanks
>>
>>
>>
>> _______________________________________________
>> nginx mailing list
>> nginx@nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>
>
>
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

auth_basic within location block doesn't work when return is specified?

Scott McGillivray November 06, 2016 10:12AM

Re: auth_basic within location block doesn't work when return is specified?

Igor A. Ippolitov November 07, 2016 03:40AM

Re: auth_basic within location block doesn't work when return is specified?

Igor A. Ippolitov November 07, 2016 06:16AM

most efficient way to return on everything but a single directory?

Jonathan Vanasco November 07, 2016 08:16PM

Re: most efficient way to return on everything but a single directory?

Igor Sysoev November 07, 2016 11:36PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 159
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready