Primitive RBAC/AAA implementation in nginx config

Hi all -

I spent some time poking at a interesting problem that came up last
night, and ended up with this primitive RBAC system, implemented in
declarative nginx config.

You might find it useful, or might be able to tell me why it sucks
hence how it could be improved :wink:

Readme and config: https://gist.github.com/jpluscplusm/9227777

Cheers,
Jonathan

Jonathan M.
Oxford, London, UK
http://www.jpluscplusm.com/contact.html

On 26 Feb 2014 12:05, “Jonathan M.” [email protected]
wrote:

Hi all -

I spent some time poking at a interesting problem that came up last
night, and ended up with this primitive RBAC system, implemented in
declarative nginx config.

Thanks to the couple of people who reminded me this may not be a
frequently-used term on this list :slight_smile:

Role Based Access Control systems are a technique for limiting access to
resources based on people belonging to groups (roles) and not being
granted
access individually:
https://en.wikipedia.org/wiki/Role-based_access_control

In this case, the resources are URIs, potentially proxy_pass’d, and the
users are HTTP basic auth users. My implementation is nothing special,
but
I’d not seen a reasonably scalable one implemented purely in declarative
nginx configuration syntax before :slight_smile:

Anyway, tell me why it sucks …
https://gist.github.com/jpluscplusm/9227777

J

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs