LDAP Auth only for external addresses

Hi,
I configured a nginx 1.5.4 server with the ngnix-auth-ldap module. It
works all fine, but im looking for an option to distinguish the client
networks. My goal is, that users from the network 10...* and 172...*
don’t have to authenticate as all the others.
Is that possible ?

Thanks in advance.

On Tue, Sep 10, 2013 at 11:34:01AM +0200, Matthias Sidler wrote:

Hi there,

Untested, but…

I configured a nginx 1.5.4 server with the ngnix-auth-ldap module. It works all
fine, but im looking for an option to distinguish the client networks. My goal is,
that users from the network 10...* and 172...* don’t have to authenticate as
all the others.
Is that possible ?

I’d expect “satisfy any” to be involved in the solution –
http://nginx.org/r/satisfy

Do the notes at https://github.com/kvspb/nginx-auth-ldap/issues/7 help
at all? I don’t know which specific versions of code you’re using;
possibly newer versions don’t need any workarounds.

f

Francis D. [email protected]

Thanks alot!

That works for me:

[…]
location / {
satisfy any;

    auth_ldap "Forbidden";
    auth_ldap_servers myldap;

    auth_basic "Forbidden";

    allow 10.0.0.0/8;
    allow 172.0.0.0/8;
    deny all;
}

[…]


Mat

On Wed, Sep 11, 2013 at 09:20:58AM +0200, Matthias Sidler wrote:

Hi there,

That works for me:

Good to hear.

Having the answer included on the list like this should also help the
next person with the same issue.

Cheers,

f

Francis D. [email protected]

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs