nginx basic_auth fails when moving outside location, to "root"
This works:
location /someplace/ {
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/.htpasswd;
}
I go to /someplace/ and I get prompted for the user and password and can authenticate successfuly. However, moving those exact lines to the root, or even location / then produces strange behavior:
Chrome keeps asking to authenticate again and again, and nginx' debug output shows no user/password was provided for basic authentication.
Server config:
server {
listen 443 ssl;
server_name some_domain;
root /some_path;
passenger_enabled on;
passenger_ruby /usr/lib/fullstaq-ruby/versions/2.6.6-jemalloc/bin/ruby;
passenger_env_var RAILS_ENV staging;
# This causes the issue:
#auth_basic "Restricted";
#auth_basic_user_file /etc/nginx/.htpasswd;
location / {
index index.html index.htm;
# This also causes the same issue:
#auth_basic "Restricted";
#auth_basic_user_file /etc/nginx/.htpasswd;
}
error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location /some_path { return 301 /some_path/; }
location /some_path/ {
# This works as expected on some_path:
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
if (!-e $request_filename){
rewrite ^/some_path(/|$) /some_path/index.html break;
}
}
}
Solution 1:
Your application likely uses HTTP authentication too. This means, credentials expected by nginx are accepted, but then the application wants another set of credentials passed via HTTP authentication.
To solve this, you need to make sure you have only one place where you implement HTTP authentication.