Welcome! Log In Create A New Profile

Advanced

Auth_request and multiple cookies from the authentication server

Hannu Shemeikka
September 24, 2020 02:02AM
Hi,

I'm using using auth_request to authenticate requests to my locations. I
have a working configuration but I noticed that the client is not
receiving all cookies set by the authentication server.

I'm using following syntax for setting the cookie:
auth_request_set            $auth_cookie $upstream_http_set_cookie;

It seems that the variable $upstream_http_set_cookie only contains the
first cookie and not all cookies set by the upstream server.

Is this variable's behavior feature or is it a bug? Is there a
workaround for this?

I have tried using different solutions like using using the variable
$upstream_cookie_<name> for setting each cookie but this variable seems
to contain only the raw cookie value and doesn't include the flags, e.g.
expires, httponly. I thought about using lua but I'm thinking of giving
up with the lua route since it seems it would not be a good solution all
things considered.


Relevant part of the nginx configuration:

##################

location / {
    auth_request                /auth;
    auth_request_set          $auth_cookie $upstream_http_set_cookie;
    add_header                  Set-Cookie $auth_cookie;
    try_files                         $uri @frontend;
}

location /auth {
    internal;
    proxy_set_header          X-Original-Method $request_method;
    proxy_set_header          X-Real-IP $remote_addr;
    proxy_set_header          X-Original-URI $request_uri;
    proxy_set_header          Host $host;
    proxy_pass                     http://$server/api/authz;
}

##################


- Hannu

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

Auth_request and multiple cookies from the authentication server

Hannu Shemeikka September 24, 2020 02:02AM

Re: Auth_request and multiple cookies from the authentication server

Francis Daly October 19, 2020 05:32AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 74
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready