This is a great library! But it doesn't do what I need.
In my scenario there is no access phase.
There is only the content phase during which the proxied resource
might answer with 401. And in this case I have to authenticate, save the Cookie
and use it in all subsequent requests to the proxied resource.
I think I'm getting closer to understanding how to implement this.
One thing that I cannot understand is how to implement a critical section in Lua
for authenticating and saving the Cookie.
The authentication request must be only one and after it is successful all other
request might proceed to the proxied resource with the Cookie saved from the
authentication request.
On Monday, June 25, 2018 at 7:26:17 PM UTC+3, Christian Battaglia wrote:
Hola hola! Might I recommend
https://github.com/zmartzone/lua-resty-openidc/tree/master/lib/resty?
On Sunday, June 24, 2018 at 4:40:11 PM UTC-4, Grigory Ptashko wrote:
Hello.
I want to use openresty as a reverse proxy for an https resource
that requires form authentication. I want openresty to behave like this:
- A user sends a request to openresty.
- Openresty sends this request to my https resource.
- If the resource answers with 200 then Openresty gives the response back to the user.
- If the resource answers with 401 then Openresty must submit a POST-request with a login and a password (they will be specified in the nginx.conf).
- After successful authentication the https resource sends back the Set-Cookie header from which all subsequent requests to the resource must have in the Cookie header.
In other words openresty must authenticate if needed and use
the Cookie on further requests to the resource. But it must not
authenticate on every user request. Just in case the resource
answers with 401.
Can anyone tell me the steps to make it work? I mean I will
write a script in Lua but I don't understand the generic pattern
in terms of nginx-lua phases (access, content, etc).
Thank you!