How to use nginx to proxy to a host requiring authentication?

How can I setup an nginx proxy_pass directive that will also include HTTP Basic authentication information sent to the proxy host?

This is an example of the URL I need to proxy to:

http://username:[email protected]/export?uuid=1234567890

The end goal is to allow 1 server present files from another server (the one we're proxying to) without exposing the URI of the proxy server. I have this working 90% correct now from following the Nginx config found here:

http://kovyrin.net/2010/07/24/nginx-fu-x-accel-redirect-remote/

I just need to add in the HTTP Basic authentication to send to the proxy server

Answers 4

  • I got this working with alvosu's answer but I had to enter the word "Basic" inside the quotation of the base64 string so it looked like this:

    proxy_set_header Authorization "Basic dGVzdHN0cmluZw==";
    

  • I did a writeup on this a while ago. See the details here:

    http://shairosenfeld.blogspot.com/2011/03/authorization-header-in-nginx-for.html

    For example:

     location / {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://6.6.6.6:80;
        proxy_set_header Authorization "Basic a2luZzppc25ha2Vk";
     }
    

    "a2luZzppc25ha2Vk" is "king:isnaked" base64 encoded, so that would work for

    http://king:[email protected]

    Feel free to check out blog post for more details.



  • Remove the authorization header that gets passed forwarded by nginx with proxy_set_header Authorization "";.

    I configured nginx to do basic auth but the Authorization header was getting passed along in the proxy_pass directive and the receiving end couldn't handle the token.

    # Basic Auth
    auth_basic "Private Stuff";
    auth_basic_user_file /etc/nginx/.htpasswd;
    
    location /server {
        proxy_pass http://172.31.31.140:9090;
        proxy_set_header Authorization "";
    }
    

    (Specific to my case, this error was returned Reason: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken)


Related Questions