Forum: NGINX mod_auth_request + php5-fpm gives error 504 on POST requests, GET requests are okay

mod_auth_request + php5-fpm gives error 504 on POST requests, GET requests are okay
Posted by refghbn (Guest)
on 2013-02-24 00:33
(Received via mailing list) 
Setup: php5-fpm listening on socket + nginx 1.2.6

Wanted to use mod_auth_request for www authentication. Works fine for 
GET
requests, POST requests time out with error 504.

Error log:
2013/02/24 00:13:03 [error] 24004#0: *13 auth request unexpected status: 
504
while sending to client, client: 80.187.106.XXX, server: xxx.net, 
request:
"POST /test.php HTTP/1.1", host: "xxx.net", referrer:
"https://xxx.net/test.php"

With GET, as stated, and when testing the subrequest script directly,
everything works fine. Gives 201/401 header, empty body as it should.

          location ~ \.php$ {

                  root /var/www;

                  fastcgi_pass    unix:/var/run/php5-fpm.sock;
                 fastcgi_index  index.php;
                 fastcgi_intercept_errors on;
                  error_page 404 /index.html;

                  fastcgi_param DOCUMENT_ROOT   /var/www;
                  fastcgi_param SCRIPT_FILENAME
/var/www$fastcgi_script_name;
                  fastcgi_param PATH_TRANSLATED
/var/www$fastcgi_script_name;

                 include /etc/nginx/fastcgi.conf;

                 auth_request /authenticator/www.php;
         }

         location = /authenitcator/www.php {
                 fastcgi_pass unix:/var/run/php5-fpm.sock;
                 fastcgi_param SCRIPT_FILENAME
/var/www$fastcgi_script_name;
                 fastcgi_param PATH_TRANSLATED
/var/www$fastcgi_script_name;
         }

Does anyone have an idea?

/refghbn

Posted at Nginx Forum: 
http://forum.nginx.org/read.php?2,236524,236524#msg-236524
Edit | Move | Delete topic | Reply with quote
Re: mod_auth_request + php5-fpm gives error 504 on POST requests, GET requests are okay
Posted by Maxim Dounin (Guest)
on 2013-02-24 18:54
(Received via mailing list) 
Hello!

On Sat, Feb 23, 2013 at 06:32:45PM -0500, refghbn wrote:

> Setup: php5-fpm listening on socket + nginx 1.2.6
>
> Wanted to use mod_auth_request for www authentication. Works fine for GET
> requests, POST requests time out with error 504.

By "mod_auth_request" you mean auth request module, as available
from http://mdounin.ru/hg/ngx_http_auth_request_module?

>
>                   fastcgi_param PATH_TRANSLATED
> /var/www$fastcgi_script_name;
>                  fastcgi_param PATH_TRANSLATED
> /var/www$fastcgi_script_name;
>          }
>
> Does anyone have an idea?

You have a typo in location, "authenITcator" instead of
"authenTIcator".  This results in "location ~ \.php$" being used
for auth requests instead of dedicated one.

In "location ~ \.php$" it doesn't work for POST requests but times
out instead as auth request doesn't have request body (it's not
yet read from a client), but there will be Content-Length header.
This might confuse backend's code, and in general you should have
something equivalent to the following line from README:

    proxy_set_header Content-Length "";

I.e. for fastcgi you should _not_ provide fastcgi_param
CONTENT_LENGTH.

--
Maxim Dounin
http://nginx.com/support.html
Edit | Delete | Reply with quote
Enable email notification | Enable multi-page view
Please log in before posting. Registration is free and takes only a minute.
Existing account (Switch to SSL-encrypted connection)
NEW: Do you have a Google/GoogleMail or Yahoo account? No registration required!
Log in with Google account | Log in with Yahoo account
No account? Register here.
Powered by RForum and Captchator. Contact information - E-Mail: webmaster (at) ruby-forum (dot) com.