I actually got this working with the built-in memcache and userid modules. This is REALLY cool and I'm going to be re-thinking how to provide security/authentication in other projects using this approach. Thanks for the quick feedback and your hard work Maxim.
Here's a snippet of my configuration:
server {
...
auth_request /auth;
location = /auth {
auth_request off;
set $memcached_key sso$cookie_uid;
memcached_pass mmc:11211;
error_page 404
=403 /login.html;
}
location = /login.php {
auth_request off;
# fastcgi_param
fastcgi_pass unix:/var/lib/php.sock;
}
...
}
Note: this example uses PHP/FastCGI instead of proxy_pass.