这里写自定义目录标题
欢迎使用Markdown编辑器
我有以下测试nginx配置:
user nginx;
worker_processes auto;
error_log /dev/stderr debug;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /dev/stderr main;
sendfile on;
keepalive_timeout 65;
upstream content {
server 127.0.0.1:4001;
}
server {
listen 4000;
server_name test;
gzip off;
autoindex off;
location /test-auth {
add_header X-Test "testvalue";
return 200;
}
location /proxy {
add_header "X-Test1" "test1";
auth_request /test-auth;
auth_request_set $test $sent_http_x_test;
auth_request_set $test2 $upstream_status;
add_header X-Test $test;
add_header X-Test2 $test2;
proxy_pass http://content?test=$test&test2=$test2;
proxy_pass_request_body off;
}
}
server {
listen 4001;
add_header X-Test3 "test3";
return 200 "testt response $args";
}
}
我期望请求HTTP将返回所有测试头:X-Test (由身份验证请求返回的头)、X-Test1 (仅是一个示例)、X-Test2 (身份验证请求HTTP的值)、X-Test3 (由content下游设置)。
但实际上,这个请求只返回X-Test1和X-Test2。我无法通过auth_request_set指令获取任何值(标头或返回状态)。我尝试了在谷歌中找到的两种变量名:KaTeX parse error: Double subscript at position 12: sent_http_x_̲test和upstream_http_x_test,但都没有成功。$test变量始终为空。
我看到了以下官方示例:,
但auth_request_set $test2
u
p
s
t
r
e
a
m
s
t
a
t
u
s
;
行也不起作用,
upstream_status;行也不起作用,
upstreamstatus;行也不起作用,test2变量始终为空。
我哪里做错了?
问题是/test-auth位置没有配置上行,您可以尝试下面的配置。
改成 $upstream_http_x_test。
user nginx;
worker_processes auto;
error_log /dev/stderr debug;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /dev/stderr main;
sendfile on;
keepalive_timeout 65;
upstream content {
server 127.0.0.1:4001;
}
server {
listen 4000;
server_name test;
gzip off;
autoindex off;
location /real-auth {
add_header X-Test "testvalue";
return 200;
}
location /test-auth {
proxy_pass http://127.0.0.1:4000/real-auth;
}
location /proxy {
add_header "X-Test1" "test1";
auth_request /test-auth;
auth_request_set $test $upstream_http_x_test;
auth_request_set $test2 $upstream_status;
add_header X-Test $test;
add_header X-Test2 $test2;
proxy_pass http://content?test=$test&test2=$test2;
proxy_pass_request_body off;
}
}
server {
listen 4001;
add_header X-Test3 "test3";
return 200 "testt response $args";
}
}
Why does auth_request require proxy_pass to be able to get headers and return status? –
-
Alexander Pravdin
Oct 13, 2021 at 15:17
Seems that auth_request do not send request directlly, it looks like reading configure from /test-auth block. you can check the access.log, there’s requests sent to /test-auth, auth requests are directly sent to /real-auth –
emptyhua
Oct 13, 2021 at 15:23 -
One of nginx contributors helped to find out the root cause: github.com/nginx/njs/issues/417#issuecomment-942494313 The issue is in ngx_http_headers_module. add_header is ignored for subrequest “(r != r->main)”, and auth_request is a subrequest. This means that add_header is working differently when a location is directly accessed versus as a subrequest. –
Alexander Pravdin
Oct 13, 2021 at 17:10
2239
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
