0

I am using the nginx http_auth_request_module for sending an authentication subrequest to another server (apache 2.4). The authentication mechanism works perfectly, however the module seems to only process HTTP 200 and 401 answers correctly.

If i refresh the webpage in the browser where i just got authenticated - nginx ends up in a 500 internal server error. If i press "refresh" in the browser again - the webpage will be displayed again correctly.

I checked the logs and for refreshing there comes a HTTP 304 Not Modified as reply which the nginx module can not process.

*2019/08/09 11:18:26 [error] 7#7: 565 auth request unexpected status: 304 while sending to client, client:

Is there any workaround or is this module just poorly developed?

dev_user
  • 11
  • 4
  • Configure your apache to never response 304 for auth requests. – Alexey Ten Aug 09 '19 at 11:42
  • On the other hand, you just could skip cache headers (`If-Modified-Since`, `If-None-Match`, etc.) when proxy you request to apache. – Alexey Ten Aug 09 '19 at 11:47
  • Hi @AlexeyTen, thanks for your comment! Do you know how to configure apache to never send 304? I am just accessing a location "/auth" for auth request. – dev_user Aug 09 '19 at 13:34
  • @AlexeyTen or how do I actually skip cache header? I will have to configure that on the nginx proxy? – dev_user Aug 09 '19 at 13:34
  • http://nginx.org/r/proxy_set_header `proxy_set_header If-Modified-Since "";` etc. – Alexey Ten Aug 09 '19 at 13:37
  • @AlexeyTen Thank you so much! What is about "proxy_hide_header Cache-Control;" ? – dev_user Aug 09 '19 at 13:45
  • It's useless, since responces from `auth_request` never gets back to user. – Alexey Ten Aug 09 '19 at 13:46
  • @AlexeyTen true.. So i simply set the headers to "" on the nginx proxy in the internal location of the authentication subrequest? – dev_user Aug 09 '19 at 13:50
  • @AlexeyTen thanks, its working. I set only the "If-Modified-Since" header to "". Are there any other that "should" be ignored beside that one? – dev_user Aug 09 '19 at 13:55

0 Answers0