mja*_*day 19 proxy nginx auth-request
我想使用auth_request和oauth2_proxy在成功的身份验证请求时设置标头,然后将其传递给将处理实际请求的下一个代理内联.
我已经设置了NGINX和各种代理来做他们的事情,但是我不确定如何设置来自服务器的标头(图中的AUTH PROXY),我正在使用auth请求,以便将该标头传递给下一个服务器(图中的BACKEND SERVER)
NGINX ---- auth request ----> AUTH PROXY
|
| <--- 201 <------ SUCCESS
|
----> underlying request ----> BACKEND SERVER
我的NGINX配置看起来像
server {
listen 9123;
resolver 10.3.0.2;
resolver_timeout 30;
location / {
auth_request /_auth;
proxy_set_header x-user $http_x_user;
proxy_pass http://backend_server;
}
location = /_auth {
internal;
proxy_pass https://auth;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_set_header X-Original-URI $request_uri;
}
}
当我发出实际请求时,我在NGINX调试日志中看到以下内容(这是来自auth服务器的响应的一部分):
2013/10/14 17:46:42 [debug] 31222#0: *4 http proxy header: "Content-Type: text/html; charset=utf-8"
2013/10/14 17:46:42 [debug] 31222#0: *4 http proxy header: "Date: Mon, 14 Oct 2013 17:46:42 GMT"
2013/10/14 17:46:42 [debug] 31222#0: *4 http proxy header: "Server: nginx/1.2.5"
2013/10/14 17:46:42 [debug] 31222#0: *4 http proxy header: "Vary: Cookie"
2013/10/14 17:46:42 [debug] 31222#0: *4 http proxy header: "x-user: 1"
我想取x-user标头并将其传递给后端服务器.
我已经在location /块中尝试了各种组合,但它们都没有工作.例如
proxy_set_header x-user $upstream_http_x_user;proxy_set_header x-user $http_x_user;proxy_set_header x-user $sent_http_x_user;proxy_pass_header x-user这些似乎都不起作用.我有什么想法可以完成这项任务?请注意,它是auth代理,它设置我想传递给后端服务器的标头,
mja*_*day 35
Woop, figured it out. The correct NGINX config looks like this:
location / {
auth_request /_auth;
auth_request_set $user $upstream_http_x_user;
proxy_set_header x-user $user;
proxy_pass http://backend_server;
}
The issue is that you cannot assign the header directly into another header, you have to use auth_request_set to set the header into a variable and then assign that variable to a header.
| 归档时间: |
|
| 查看次数: |
20189 次 |
| 最近记录: |