Ok I figured it out. A page I saw mentioned copying the ldap conf as the nginx.conf file and using that and I did. I erroneously thought the port 9000 connection in there was a necessary ldap connect piece and so I didn't change it, until today with your questioning.
Thanx Brian On Mon, Oct 8, 2018, 11:22 AM Francis Daly <fran...@daoine.org> wrote: > On Mon, Oct 08, 2018 at 08:21:08AM -0700, Brian W. wrote: > > Hi there, > > > I want to do a successful auth, which I can, and then after the > successful > > auth be reverse proxied to the specified web server, not a simple 302 > > redirect, but actual reverse proxy. When I replace the hello world line > > with a get, I just get blank white screen. I can curl -i and get a 200. I > > can also reverse proxy without the auth and have it work. > > I'm still unclear about what you mean by the above. > > I *think* you are saying: > > when your nginx.conf has > > server { > location / { > proxy_pass http://windows-server; > } > } > > that everything works; you can "curl -v http://nginx/something" and get > the expected response from http://windows-server/something. > > Am I correct in that much? > > > I also think you are saying: > > when your nginx.conf has > > server { > location / { > auth_request /auth; > proxy_pass http://windows-server; > } > location = /auth { > # your ldap-related things that return http 200 when things are good, > # and 401 or 403 when things are bad > } > } > > then some parts fail in some way -- you request http://nginx/something, > and you expect one response but you get one other response -- possibly > a http 302 to some other url? > > Am I correct in that? > > > What I need to figure out is how do I do the reverse proxy to a web > server > > on a different machine and send the user there via reverse proxy after a > > successful auth. > > In nginx terms, that's auth_request -- http://nginx.org/r/auth_request > > If we can understand where in the sequence things fail first, maybe it > will be clearer what needs to change in order to get things to succeed. > > Cheers, > > f > -- > Francis Daly fran...@daoine.org > _______________________________________________ > nginx mailing list > nginx@nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx >
_______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx