Auth_basic "pass through"

I’m having trouble setting up nginx in front of tomcat to handle ssl and
reverse proxy/caching.

Basically the webapp behind nginx uses http authentication (browser
prompts, not a webpage login), and I think what’s happening is that
handshake/traffic is not getting back and forth for the initial
connection. The authentication is performed against a custom
implementation, so I can’t just remove it and move it to a passwd file.

Has anyone run into this, or are there any suggestions?

Thanks,
AJ

On Tue, Sep 25, 2012 at 03:01:15PM -0400, AJ Weber wrote:

Hi there,

I’m having trouble setting up nginx in front of tomcat to handle ssl and
reverse proxy/caching.

===
server {
location / {
proxy_pass http://127.0.0.1:10080/;
}
}

seems to work for me, at least for the auth_basic “pass through” part.

What trouble are you seeing?

(nginx -V, nginx.conf, url you request, response you get, response
you expect?)

Basically the webapp behind nginx uses http authentication (browser
prompts, not a webpage login), and I think what’s happening is that
handshake/traffic is not getting back and forth for the initial
connection. The authentication is performed against a custom
implementation, so I can’t just remove it and move it to a passwd file.

If the backend returns http 401, then nginx should send that to the
client, which it does for me with

WWW-Authenticate: Basic realm=“dir”.

In this case, nginx doesn’t use auth_basic at all, and doesn’t care what
the back end does to decide whether to send 401 or 200.

f

Francis D. [email protected]

I think I got this working (I will continue testing) by adding:
proxy_pass_header Authorization;
to the location.

Might have done the trick.

Thank you for the response.

-AJ