No authentication prompt with if block

Authentication works fine if I don’t include the if block but I’d like
to allow only a certain user access to this server block. I get a 403
in the browser without any prompt for authentication.

auth_basic “Authentication Required”;
auth_basic_user_file htpasswd;
if ($remote_user != “myuser”) {
return 403;
}

What am I doing wrong?

  • Grant

Hello!

On Fri, Feb 07, 2014 at 10:05:32AM -0800, Grant wrote:

What am I doing wrong?
Rewrite directives, including “if”, are executed before access
checks (and hence auth_basic). So in your cofiguration 403 is
returned before auth_basic has a chance to ask for authentication
by returning 401.

Something like

map $remote_user $invalid_user {
default 1;
“” 0;
“myuser” 0;
}

if ($invalid_user) {
return 403;
}

auth_basic …

should work, as it will allow empty $remote_user and auth_basic
will be able to ask for authentication if credentials wasn’t
supplied.


Maxim D.
http://nginx.org/

What am I doing wrong?
“” 0;
will be able to ask for authentication if credentials wasn’t
supplied.

That works great, thank you. Does adding ‘map’ slow the server down
much?

  • Grant

Hello!

On Sat, Feb 08, 2014 at 08:43:53AM -0800, Grant wrote:

What am I doing wrong?
“” 0;
will be able to ask for authentication if credentials wasn’t
supplied.

That works great, thank you. Does adding ‘map’ slow the server down much?

No, not at all. In contrast, using maps is usually faster than
any other method to do conditional checks. See docs at
http://nginx.org/r/map, in particular this note:

: Since variables are evaluated only when they are used, the mere
: declaration even of a large number of “map” variables does not add
: any extra costs to request processing.


Maxim D.
http://nginx.org/

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs