Having the authentication server handling the 429_TOO_MANY_REQUESTS,
allows it to accommodate users with varying limits;
e.g. user1 is allowed 3 requests per second, and user2 is allowed 10 r/s.
The auth_request location can still specify the cache times of the responses
to whatever is wanted, lik
Hi!
Thank you for the answer!
I have tried your suggestion, but it seems to not quite fit my use case.
Does your suggestion not eliminate the authentication server entirely
for any upstream servers?
My preferred use case would be to have auth_request intercept all calls,
and only relay the acce
Thanks!
This does make sense, and one might be able to create a somewhat working
example using this.
However, this seems to introduce a couple of drawbacks, and kind of
breaks the semantics of the 'auth_request'.
Let me illustrate:
First of all, having auth_request in the server context guards a
0, Anders Nicolaisen via
> nginx-devel wrote:
>
> > Thanks!
> > This does make sense, and one might be able to create a somewhat working
> > example using this.
> >
> > However, this seems to introduce a couple of drawbacks, and kind of
> > breaks
