On Tue, May 31, 2016 at 7:41 AM, Larry Martell <larry.mart...@gmail.com> wrote:
> On Mon, May 30, 2016 at 2:19 PM, Robert Paprocki
> <rpapro...@fearnothingproductions.net> wrote:
>>
>>
>> On Sat, May 28, 2016 at 12:48 PM, Larry Martell <larry.mart...@gmail.com>
>> wrote:
>>>
>>> Is there any way with nginx to check a request's headers and send back
>>> a 401 if the headers are not proper?
>>
>>
>>
>> Yes, you can do with this via the 'map' and 'if' directives. A trivial
>> example:
>>
>> http {
>> # if the "X-Foo" request header contains the phrase 'data', set $bar
>> to 1; otherwise, set it to 0
>> map $http_x_foo $bar {
>> default 0;
>> "~data" 1;
>> }
>>
>> server {
>> location /t {
>> if ($bar) {
>> return 401;
>> }
>> }
>> }
>>
>> See also http://nginx.org/en/docs/http/ngx_http_map_module.html and
>> http://nginx.org/en/docs/http/ngx_http_rewrite_module.html#if
>
> I added this to the http section:
>
> map $http_x_capdata_auth $not_auth {
> default 1;
> "authorized" 0;
> }
>
> and this to the location section:
>
> if ($not_auth) {
> return 401;
> }
>
> and it's always returning a 401, even if there is a header:
>
> X-Capdata-Auth: authorized
>
> And I doing something wrong here? How can I debug this?
Looking with tcpdump I do not see that header field set. The request
is coming from a django app which is doing a redirect and I set the
header before the redirect. Guess I have to debug from that side.
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
