That works wonderfully, thank you!
On May 27, 2024 6:48:40 AM UTC, J Carter wrote:
>Hello,
>
>[...]
>
>> ```
>> The goal is to bypass SSO if a correct HTTP Basic Auth header is present
>> while making sure connections are only from said IPs.
>>
>> When I disable the IP check it works
Hello,
[...]
> ```
> The goal is to bypass SSO if a correct HTTP Basic Auth header is present
> while making sure connections are only from said IPs.
>
> When I disable the IP check it works flawlessly. How could I separate these
> requirements?
>
> So (SSO or Basic Auth) and Correct IP
```
location / {
proxy_pass $forward_auth_target;
allow x/24;
deny all;
satisfy any; # This gets satisfied by the IP check, and auth is
completely bypassed
auth_basic "";
auth_basic_user_file "/etc/nginx/basic_auth/$forward_auth_bypass";
