Hi, I need to know that How to secure SOAP web services using NGINX's API gateway feature ? ** Current Implementation ** I have an application with rest interfaces and is secured by NGINX's AUTH_REQUEST module. For each request reaching NGINX, AUTH_REQUEST sends a SubRequest to /login to the auth applicaiton which returns 200 OK if the credentials are correct and theby zaidahmd - Nginx Mailing List - English
Hi, I have an application in internal network with no public internet access. I want NGINX API gateway deployed in public exposed network that authenticates incoming HTTP, and rest service traffic and then relays the traffic to upstream servers. Similarly I want the NGINX API Gateway to authenticate SOAP requests also. But SOAP has its own WS security, and I believe SOAP request should notby zaidahmd - Nginx Mailing List - English
Hi Francis, > I've read your description, and I confess I'm not sure what benefit > auth_request within nginx gives you. It looks like your application is > doing its own auth check on every request anyway, so having nginx do > the same thing seems redundant. I'm probably missing something. can u please tell me the concept and usage of auth_request module. What I understood frby zaidahmd - Nginx Mailing List - English
Hi, I need to edit one reply to a topic in this list and need to know how to perform it. I cannot see any edit or delete button. I have been using stackoverflow where edits and delete is allowed to the users.by zaidahmd - Nginx Mailing List - English
Hi Francis, Thanks for your interest. I would certainly like to contribute for the future implementers of NGINX reverse proxy with API gateway functionality. Below I will explain my application with NGINX configuration I have performed and the code snippets/references for future users. If you like I can share my working sample application also as starter guide for custom java authentication gatby zaidahmd - Nginx Mailing List - English
Hi maxim, After implementing your valuable inputs I came across the following error in my application. Error: "Request 'GET /login' doesn't match 'POST /login" this means that nginx is sending GET requests to authentication service. So the flow is as follows and is according to your valuable feedback. 1. I typed the nginx URL in browser "http://localhost:8180/api"by zaidahmd - Nginx Mailing List - English
Hi Maxim, Thanks for the response. As you said below, > Instead, it issues a > subrequest for every incoming request, and allows further > processing of the request if and only if the subrequest returns > 200. This means my authentication service will be getting a subrequest to /login everytime a request reaches nginx. And if the subrequest returns 401 then it means tby zaidahmd - Nginx Mailing List - English
Hi, I am trying to implement the NGINX API gateway in nginx 1.10.3 community version. I am facing the issue that NGINX is not forwarding the request to authentication service. nginx configuration is pasted at the end of this thread. I have written authentication service which is listening for login requests on /login. My protected application has no login page and responds with 401 statusby zaidahmd - Nginx Mailing List - English
Hi, I am implementing nginx as API gateway. I have two applications written in spring-boot-web with angularjs. One application is which is auth application and has login.html page inside it. The othe is my upstream applicaiton. My issue is when I comment/disable the /auth part of the below config, my applicaiton becomes accessible via nginx. But, when I enable the auth config in nginx, i staby zaidahmd - Nginx Mailing List - English
Hi Guys, I read the NGINX docs for API Gateway functionality where I can get my the users to my upstream application get authenticated by a different application. My Idea was to develop 2 applications as a proof of concept. The applications are as follows 1. Main Application : One would be an Upstream application based on Spring MVC using sessions to identify the loggby zaidahmd - Nginx Mailing List - English
I have and NGINX reverse proxy and upstream server. NGINX authenticates the incoming request and forwards the request to upstream server, which also authenticates the request first and then creates a session for the user. I want to know if the user session gets expired in NGINX, will NGINX forward the request to upstream server to also destroy the user session OR NGINX will just destroyby zaidahmd - Nginx Mailing List - English
** Problem Background ** I have an application, say app-A, which is running on a private network unreachable by public network. Now a new requirement needs to deliver the webpages of app-A to external users over public network. As a solution to expose app-A, I want to use NGINX as reverse proxy and will use two layers of authentication as explained below. Kindly advise if i am moving in the rby zaidahmd - Nginx Mailing List - English