Opened 8 years ago
Closed 8 years ago
#1074 closed defect (invalid)
proxy_set_header Authorization not working
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | other | Version: | 1.6.x |
| Keywords: | Authorization | Cc: | |
| uname -a: | Linux raspberrypi 4.4.13-v7+ #894 SMP Mon Jun 13 13:13:27 BST 2016 armv7l GNU/Linux | ||
| nginx -V: |
nginx version: nginx/1.6.2
TLS SNI support enabled configure arguments: --with-cc-opt='-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2' --with-ld-opt=-Wl,-z,relro --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_addition_module --with-http_dav_module --with-http_geoip_module --with-http_gzip_static_module --with-http_image_filter_module --with-http_spdy_module --with-http_sub_module --with-http_xslt_module --with-mail --with-mail_ssl_module --add-module=/build/nginx-sYtngi/nginx-1.6.2/debian/modules/nginx-auth-pam --add-module=/build/nginx-sYtngi/nginx-1.6.2/debian/modules/nginx-dav-ext-module --add-module=/build/nginx-sYtngi/nginx-1.6.2/debian/modules/nginx-echo --add-module=/build/nginx-sYtngi/nginx-1.6.2/debian/modules/nginx-upstream-fair --add-module=/build/nginx-sYtngi/nginx-1.6.2/debian/modules/ngx_http_substitutions_filter_module |
||
Description
I try to pass an Authorization header to a backend proxy with the following configuration. Anyhow this does not work and in access.log the following error is reported:
192.168.80.145 - - [13/Sep/2016:22:18:15 +0200] "GET /cameraFrontHousePic/ HTTP/1.1" 401 186 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:48.0) Gecko/20100101 Firefox/48.0"
The credentials I pass are created using:
echo "user:pass" | base64
server {
listen 80;
rewrite ^(.*) https://$host$1 permanent;
}
server {
listen 443 ssl default_server;
server_name wg.it.cx;
ssl_certificate /home/pi/cert/fullchain1.pem;
ssl_certificate_key /home/pi/cert/privkey1.pem;
root /var/www/html;
server_name example.g.local;
index index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
location /cameraFrontHousePic/ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://10.0.0.221/;
proxy_set_header Authorization "Basic dXNlcjpwYXNzCg==";
proxy_pass_header Authorization;
}
Change History (2)
comment:1 by , 8 years ago
comment:2 by , 8 years ago
| Resolution: | → invalid |
|---|---|
| Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
I found the solution immediately after filing this ticket.
echo also prints a new line therefore the base64 encoding simply is wrong -.-
gives the correct hash which is dXNlcjpwYXNz