Hi Thanks
I ended up with this but still with issues map $cookie_SSOID $ssoid_cookie { default ""; ~SSOID=(?P<ssoid>.+) $ssoid; } location /imaadmin/ { proxy_cache off; proxy_pass http://IMAAdmin; auth_request /sso/validate; # must use %20 for url encoding set $sso_group "Staff-sso"; proxy_pass error_page 401 = @error401; location @error401 { # return 302 https://$server_name/sso/login; rewrite ^ https://$server_name/sso/login; } location /sso/validate { proxy_cache off; rewrite (.*) $1?SSOID=$cookie_ssoid&a=$sso_group? break; proxy_set_header X-Original-URI $request_uri; proxy_pass location /sso/ { proxy_cache off; rewrite (.*) $1 break; proxy_set_header X-Original-URI $request_uri; proxy_set_header X-Original-URI "imaadmin"; # have to hard code proxy_pass So http://abc.com.au/imaadmin does a http://abc.com.au/sso/validate?SSOID=<ssoid|>&a=<some text> 200 = okay 401 redirect to http://abc.com.au/sso/login sso redirects to http://abc.com.au/sso/login/form/[X-Original-URI] <<< its failing here I am hard coding this Thanks On 13 October 2016 at 01:02, Maxim Dounin <mdou...@mdounin.ru> wrote: > Hello! > > On Wed, Oct 12, 2016 at 12:43:12PM +1100, Alex Samad wrote: > >> Hi >> >> I am trying to create a dynamic auth address >> >> >> # grab ssoid >> map $cookie_SSOID $ssoid_cookie { >> default ""; >> ~SSOID=(?P<ssoid>.+) $ssoid; >> } >> >> >> location /imaadmin/ { >> proxy_cache off; >> proxy_pass http://IMAAdmin; >> >> >> >> auth_request /sso/validate?SSOID=$ssoid_cookie&a=imaadmin; >> >> >> what I am trying to do is fill the variable ssoid_cookie with the >> cookie value for SSOID in the request or make it blank >> >> then when somebody tries to access /imaadmin make the auth request >> /sso/validate?SSOID=$ssoid_cookie&a=imaadmin; >> >> but i get this >> GET /sso/validate%3FSSOID=$ssoid_cookie&a=imaadmin HTTP/1.0 > > This is because the "auth_request" directive doesn't support > variables, and also doesn't support request arguments. > > Try this instead: > > location /imaadmin/ { > auth_request /sso/validate; > ... proxy_pass ... > } > > location = /sso/validate { > set $args SSOID=$ssoid_cookie&a=imaadmin; > ... proxy_pass ... > } > > -- > Maxim Dounin > http://nginx.org/ > > _______________________________________________ > nginx mailing list > nginx@nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx