Nginx reverse proxy - passthrough basic authenication

Question

I am trying to setup nginx as a reverse rpoxy server in front off several IIS web servers who are authenticating using Basic authentication.

(note - this is not the same as nginx providing the auth using a password file - it should just be marshelling everythnig between the browser/server)

Its working kind off - but getting repeatedly prompted for auth by every single resource (image/css etc) on a page.

upstream my_iis_server {
      server 192.168.1.10;
}

server {
    listen       1.1.1.1:80;
    server_name  www.example.com;  

    ## send request back to my iis server ##
    location / {
     proxy_pass  http://my_iis_server;
     proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
     proxy_http_version      1.1;
     proxy_pass_header       Authorization;     
     proxy_redirect off;
     proxy_buffering off;
     proxy_set_header        Host            $host;
     proxy_set_header        X-Real-IP       $remote_addr;
     proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
   }
}

score 3 · Answer 1 · answered Feb 13 '13 at 16:45

3

I think nginx is blocking request headers and not sending them to IIS. Try setting

proxy_pass_request_headers on;

on your location block.

Greetings.

answered Feb 13 '13 at 16:45

Juan Traverso

171
1
6

score 0 · Answer 2 · answered Feb 12 '13 at 16:19

0

I'm not sure you need

auth_basic off in the areas that you don't want to do authentication on.

answered Feb 12 '13 at 16:19

Abhishek Anand Amralkar

1,949
12
16

Thats for use when ningx is doing the auth itself (not for passthrough to upstream server) which I am not doing as explained in the question. – Ryan Feb 12 '13 at 16:58

Nginx reverse proxy - passthrough basic authenication

2 Answers2

Linked