Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing proxy_cache_key if README.md ? #103

Open
eLvErDe opened this issue Nov 14, 2022 · 1 comment
Open

Missing proxy_cache_key if README.md ? #103

eLvErDe opened this issue Nov 14, 2022 · 1 comment

Comments

@eLvErDe
Copy link

eLvErDe commented Nov 14, 2022

Hello,

I don't understand how the configuration could works by using only

proxy_cache auth_cache;
proxy_cache_valid 200 10m;

When using HTTP Basic authorization by setting:

proxy_set_header Authorization $http_authorization;

The configuration lead to anyone having access after one auth called succeeded, which is what I think such configuration is supposed to do. But it does not make any sense.

Changing the cache configuration to include the Authroization header fixes the issue:

proxy_cache auth_cache;
proxy_cache_key "$http_authorization";
proxy_cache_valid 200 10m;

Am I stupid of the documentation is lacking this additional line ?

Best regards, Adam.
@oxpa
Copy link
Contributor

oxpa commented Nov 14, 2022

Adam,
You are right and README may be improved in this regards.
At the same time the example configuration contains almost exactly what you propose. Please have a look here:
https://github.com/nginxinc/nginx-ldap-auth/blame/master/nginx-ldap-auth.conf#L55

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@eLvErDe @oxpa