lea*_*ner 5 reverse-proxy nginx session-state
I am new to NGINX and need some clarification. I am deploying NGINX as reverse proxy for my web application which will also work as an API gateway. This API gateway will first send all the HTTP requests to an authentication service (radius based authentication) and then will forward the authenticated requests to the upstream server. Following are my questions for such a scenario.
How does the upstream server knows that the request it received is an authenticated request ? Does the authentication service has to set some headers in HTTP request after successful authentication ? if yes, then which headers ? And the upstream server has to read the same headers to evaluate if the request is authenticated
For an authenticated user a typical web server keeps the session info with it ? how does the NGINX keeps the session info ? Does NGINX keeps the session info for all the clients requesting through NGINX reverse proxy ? And is this session info replicated or shared with the upstream server as upstream server also needs to keep the session info ?
When a request is received by NGINX reverse proxy, how does NGINX forwards the request to upstream server ? does NGINX keep two sessions per request i.e., 1 session from client to NGINX and 2nd session from NGINX to upstream server ? OR is it that NGINX doesnt keeps any session with it, rather NGINX just forwards/replicates the request down to appropriate upstream server.
And once authenticated how the authorization (in case of LDAP auth groups) details are sent to upstream server ? does upstream server have to request these detail to auth server again.
| 归档时间: |
|
| 查看次数: |
2314 次 |
| 最近记录: |