Basic authentication and reverse proxy

I’m using nginx (0.5.32) as a reverse proxy for Tomcat, and it’s working
spectacularly well. There are some admin pages I want to protect,
initially just with Basic authentication, and I think I’ve set it up
right, but what I’m seeing puzzles me. Below is a simplified version of
my nginx.conf:

server {
listen 80;

    location / {
        include /etc/nginx/proxy.conf;

    location /viewServers.htm {

        auth_basic "Restricted";
        auth_basic_user_file /etc/nginx/users;
        include /etc/nginx/proxy.conf;



Normally everything is proxied to the backend Tomcat server. What I want
now is for the /viewServers.htm page to be protected. It prompts for the
username and password and when these have been entered correctly, it
forwards the request, but evidently makes some change to it which I
can’t work out, as it turns up at Tomcat as if it is just / (i.e.,
without the viewServers.htm), even though it is displayed in the browser
as /viewServers.htm (in the Tomcat access log, no such page is
recorded). If I remove the whole location /viewServers.htm… block, I
get a quite different (correct) page served.

Have I set this up right? What do I need to do to have basic
authentication working for a certain set of requests which nginx is to
forward to a back end server?


On Thu, Nov 20, 2008 at 07:39:59PM +0000, John M. wrote:

       include /etc/nginx/proxy.conf;

now is for the /viewServers.htm page to be protected. It prompts for the
forward to a back end server?
Guess you used

proxy_pass http://your-backend/;

in your proxy.conf (note the trailing ‘/’). This will replace
part of the uri matched by location with ‘/’.

Correct solution is to use proxy_pass without path component, i.e.

proxy_pass http://your-backend;

for details.

Maxim D.

Maxim D. wrote:

proxy_pass http://your-backend;

Thanks, that’s exactly right, that fixed it. It’s strange, I’ve used
nginx for months now without this ever having been an issue before.


This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs