Hi,
I have a password file that contains several users, but for one
particular page on my site, I want only one specific user from that file
to be allowed access. Apache has a “Require user” directive for this,
and I’m looking for an equivalent in nginx.
I’ve tried testing the value of $remote_user – this is what I have at
the moment:
location /foo {
auth_basic “Foo”;
auth_basic_user_file “foo-htpasswd”;
if ($remote_user = "leigh") {
proxy_pass http://127.0.0.1:19000;
}
}
This mostly works, but if you log in with an account other than “leigh”
that’s in the password file, the browser returns a 404 and no longer
prompts for login details. I’d like to keep prompting the user for a
login until they successfully log in with the “leigh” account.
Thanks
Leigh
Leigh D. [email protected] writes:
I’ve tried testing the value of $remote_user – this is what I have at
the moment:
location /foo {
auth_basic “Foo”;
auth_basic_user_file “foo-htpasswd”;
if ($remote_user = "leigh") {
proxy_pass http://127.0.0.1:19000;
}
}
This mostly works, but if you log in with an account other than “leigh”
that’s in the password file, the browser returns a 404 and no longer
prompts for login details.
Just a suggestion, and I’m by no means an expert, but I may have begun
to learn how if blocks really work. Try this:
location /foo {
auth_basic “Foo”;
auth_basic_user_file “foo-htpasswd”;
proxy_pass http://127.0.0.1:19000;
if ($remote_user != “leigh”) {
return 403;
}
}
and see if that helps.
Dave H. - Consultant - Altadena CA, USA - [email protected]
The opinions expressed above are entirely my own <<<
It’s easier to fight for one’s principles than to live up to them.